First it was Superfish, then it was Dell's eDellRoot. In both cases, a root level SSL CA - whose private key is normally kept in an offline tamper resistent vault in an secured datacenter - was created with the private key available on desktop computers worldwide. Anyone could use that to impersonate any website they wanted to affected users.
So are there more? Probably. There's also CAs who don't properly handle their keys, like China's CNNIC. How do you know who you trust? And how do you control it?
The browser you're using right now trusts a bunch of certificate authorities. Which bunch of certificate authorities - properly called a 'root certificate store' - is determined by your OS and browser:
The major root certificate stores are Apple, Microsoft, Mozilla, and Android. When you visit a website, the website presents a certificate that's signed by another certificate, which is signed by another certificate, until you reach one of the certificates in the store you're using.
Each certificate store has its own requirements for a certificate authority to get added. However they all require certificate authorities to pass WebTrust for Certification Authorities, an audited assurance process for the policies and procedures for verifying identity, issuing certificates, handling keys, and more.
Occasionally CAs violate the WebTrust requirements: the Chinese government (CNNIC) and Symantec both recently issued fake certificates for google.com. In CNNIC's case, they gave their private key to a third party that issued the fake certificate. CNNIC was removed from the Android and Mozilla root stores, but the Microsoft root store - used by Chrome on Windows and Edge on Windows - only revoked the misissued certificates. Symantec's case was less severe: an accidental, but still troubling, misissuance: in this case the root stores kept their certificates and the employees responsible were fired.
Asides from Apple, Microsoft, Mozilla and Google's root store requirements and WebTrust, other efforts to ensure that CAs behave include certificate transparency, which we've discussed before.
But there's also you. If you're not sure whether ancient CAs or government authorities deserve your trust, you don't have to give it to them: more specifically, you can mark them as untrusted. This will make your browser show up a warning when you visit sites trusted by them.
Note: revoking a popular key will make your browsing experience somewhat awkward. However CNNIC and government CAs aren't part of your daily browsing experience, and you can enjoy the internet without trusting them.
Firefox has quick, simple UI for marking a certificate as untrusted. Just open Firefox Preferences > Advanced > Certificates > View Certificates.
Select any certificate and click Delete or Distrust.
If you're using Chrome or Edge on Windows, you'll be using the Windows certificate store. Windows downloads and installs root certificates as needed, but you can actually blacklist a certificate to stop it being installed later.
This is a cumbersome process, but works:
Get the full list of trusted root certificates Windows would install from Windows Update, and open it:
certutil -generateSSTFromWU rootcas.sst invoke-item rootcas.sst
Windows Certificate Manager will show all the root certificates that Windows would auto install.
certmgr.mscand visit Untrusted Certificates > Certificates.
You'll now see the certificate listed in the Untrusted Certificates.
OS X's inbuilt Keychain Access app is competent, similar to Mozilla's. They're also the only key management UI that put a search box in their UI.
It's incredibly easy to disable roots you don't trust on Android.
In Settings, tap Security > Trusted credentials. Tap the certificate you'd like to remove, scroll down and touch Disable.
iOS seems to be the only device which doesn't allow removal or disabling of it's inbuilt root certificates. There's no way to remove or not trust a certificate included in Apple's root certificate store.
While Apple Configurator 2 allows you to create a Config Profile which can add certificates, and some WiFI providers use Config Profiles to install additional root certificates.
If you want to check for and remove added certificates:
We hope this article has shone a light onto the rarely-revealed world of root certificate stores. While you might not change the CAs you trust, it's useful to know you have the option to do so. Have any thoughts? Hit us up on Twitter at @certsimple.
Mike MacCana, founder at CertSimple.
An EV HTTPS certificate verifies the company behind your website. But getting verified is a slow painful process. CertSimple provides EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide verification steps specific for your company, update in realtime during the process, and even check your infrastructure to help you set up HTTPS securely.
Verify your site now!