Apple, others ban Kazakhstan’s MitM HTTPS certificate

Apple, Google, Microsoft, and Mozilla, have banned today a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country’s capital, the city of Nur-Sultan (formerly Astana), reports ZDNet.

Under the guise of a “cybersecurity exercise,” the Kazakhstan government is forcing citizens in its capital of Nur-Sultan to install a digital certificate on their devices if they want to access foreign internet services. Once installed, the certificate would allow the government to intercept all HTTPS traffic made from users’ devices via a technique called MitM (Man-in-the-Middle).

However, with the ban, even if users have the certificate installed, browsers like Safari, Chrome, Edge, and Mozilla will refuse to use them, preventing Kazakh officials from intercepting user data.

Kazakhstan users have told ZDNet that they are not able to access sites like Google, Twitter, YouTube, Facebook, Instagram, and Netflix without installing the government’s root certificate. The MitM HTTPS certificate is the Kazakh government’s third attempt at forcing citizens to install root certificates on their devices after a first attempt in December 2015 and a second attempt in July 2019.