[leonidasv]

ICP-Brasil officially stopped emitting public-facing SSL/TLS certificates in October: https://www.gov.br/iti/pt-br/assuntos/noticias/indice-de-not...

This is pretty bad. Someone circunvented the ban on emitting public certificates but also disrespected Google's CAA rules. Hope this CA gets banned on Microsoft OSes for good.

[march_happy]

Checked certlm.msc, a hot fix seems to be already pushed as I can't see ICP Brasil under Trusted Root Certification.