Russia Issues Its Own TLS Certs
The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.
Stay updated on certificate-related infosec topics, including SSL/TLS, PKI, and digital certificate management for robust cyber security.
Search across headline titles and summaries.
Background for this topic.
Digital certificates are electronic documents that verify the ownership of a public cryptographic key by an individual, organization, or device. Issued by trusted Certificate Authorities (CAs) within a Public Key Infrastructure (PKI), certificates enable secure communication by confirming identities and supporting encryption protocols like TLS. They include information such as the subject’s name, public key, issuer, validity period, and digital signature from the CA.
Security concerns with certificates focus on risks like CA compromise or fraudulent issuance, which can allow attackers to impersonate legitimate entities and intercept or alter encrypted traffic. Expired or revoked certificates may cause connection failures or be exploited if clients do not properly validate them. Effective certificate lifecycle management—including timely renewal, revocation checking (via CRLs or OCSP), and monitoring for unauthorized certificates—is essential to maintaining trust and preventing man-in-the-middle attacks or unauthorized access.
The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.
The Russian government has established its own TLS certificate authority (CA) to address issues with accessing websites that have arisen in the wake of sanctions imposed by the west following the country's unprovoked military invasion of Ukraine
Meanwhile, Anonymous claims it's popped Putin's comms regulator Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin's invasion of Ukraine.…
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals. [...]
Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.