Does an SSL certificate targeted at users in China need to be generated by a Certificate Authority in China by law?

Asked Nov 14 '18 at 14:51

Active Nov 14 '18 at 15:16

Viewed 38 times

The company I work for is hosting a web page secured with login and password and working through SSL with a certificate generated in USA. This is already on production.

They want to expand the market to China and they have this idea that SSL certificate in this case needs to be generated by a Certificate Authority in China by law. Is this true?

edited Nov 14 '18 at 15:16

Stephen Ostermiller

98,758
18
137
361

asked Nov 14 '18 at 14:51

Barbara PM

It might be worth having a look at this question as well https://webmasters.stackexchange.com/questions/100889/https-and-china – Steve Nov 14 '18 at 21:25
At least it is easy to find counterexamples, even if they may be edge cases. amazon.cn certificate CA is DigiCert... www.apple.cn is signed by some Apple subCA and then by GeoTrust. – Patrick Mevzek Dec 07 '18 at 00:31

Does an SSL certificate targeted at users in China need to be generated by a Certificate Authority in China by law?

0 Answers0