Japanese GlobalSign, one of the world's largest certification authorities, has begun forcibly revoking SSL certificates from companies in Russia. As a result, some websites may open with a warning about an insecure connection or temporarily become unavailable to users of foreign browsers. RBC reports this, citing a letter from GlobalSign's Russian legal entity and market participants.
An SSL certificate acts as a digital "passport" for a website: it confirms the authenticity of the resource and enables a secure HTTPS connection, indicated by the padlock icon in the address bar. If a certificate is revoked, Chrome, Safari, Firefox, and Edge may consider the site untrusted and display a "Connection is not secure" warning.
According to RBC, the revocation began on the morning of June 13. The reason was new requirements from the CA/Browser Forum – an international consortium that sets rules for certification authorities and browser developers. After the regulations were updated, checking organizations against sanction lists became mandatory.
The scale of the problem could affect up to 15–20 thousand second-level domains. Moreover, each such address can have subdomains, so the actual number of affected certificates may be higher. T-Bank has already warned some clients about possible problems with logging into certain Russian websites and applications, and Rosselkhozbank has reported possible errors in the old version of its Android application.
The Russian Ministry of Digital Development stated that in the worst case, websites and online services might be unavailable for a short period until owners obtain new certificates. The ministry reminded that Russia has a National Certification Authority, and legal entities can obtain domestic TLS certificates for free through "Gosuslugi".
Experts believe that mobile applications, where certificates are pre-embedded within the program, may face the most difficulties. Without an urgent update, such applications risk losing connection with servers, and businesses will have to urgently migrate their infrastructure to new solutions.