Russia Using SSL TLS Certificate Authority (CA) to Bypass Sanctions

Russia has attempted to bypass existing sanctions on internet access creating its own trusted TLS certificate authority (CA) after being prevented from renewing their existing certificates.

Because Russian domains cannot renew their certificates, regular browsers prevent access and display a full-page warning saying that they are insecure. 

According to an email received by an employee of a global internet services firm from the Russian State Services (Gosuslugi), the Russian government has advised the installation of a new TLS certificate or use Russian-made browsers such as Yandex or Atom which already has the certificate installed. 

“Some sites may not open now. This is due to problems in the work of certificate authorities that check the security and reliability of Internet resources. In order to have access to all sites and the necessary online services, including Gosuslugi, we recommend installing browsers that support the Russian certificate,” said the Gosuslugi.

The Gosuslugi added that the new TLS certificate “will replace the foreign security certificate if it is revoked or expires.”

Gosuslugi added that they will provide the certificate to legal entities – site owners upon request within 5 working days,

Currently, there are already reportedly 198 local domains advised by the Gosulugi to get the new certificates included in a document obtained by Bill Toulas of Bleeping computer.

© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.