Apple products no longer trust the Wo Sign CA Free SSL Certificate G2 intermediate CA.

Apple products will block certificates from Wo Sign and Start Com root CAs if the "Not Before" date is on or after GMT/UTC.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement.

Both the public and private key contain information about the Certificate Issuing Authority, Digi Cert, Comodo, and so on.

If your operating system considers the certificate issuing authority as trustworthy, the messages are sent back and forth between the browser and the websites.

It has two keys – one with the branch manager and one with the user of the vault.

The vault opens only if the two keys are used and matched.

Apple uses public key infrastructure (PKI) to secure and enhance the experience for Apple users.

Apple products, including our web browser Safari and Mail.app, use a common store for root certificates.

Although no Wo Sign root is in the list of Apple trusted roots, this intermediate CA used cross-signed certificate relationships with Start Com and Comodo to establish trust on Apple products.

In light of these findings, we took action to protect users in a security update.

They will continue to be trusted until they expire, are revoked, or are untrusted at Apple’s discretion.