From SANS NewsBites - 2022-03-11

Russia Creates TLS Certificate Authority
(March 10, 2022)
Russia has created its own TLS certificate authority to issue certificates
for Russian sites whose TLS certificates have expired or been revoked. Yandex
and Atom are currently the only browsers that recognize the new certificate
authority as trustworthy.
 
Editor's Note
 
[Ullrich]
Certificate authorities have also been revoking some certificates for
Russian organizations. As a result, you may get warnings when visiting
affected sites. Do not add the new Russian CA as a trusted CA in your
browser/operating system. This new CA operates outside the rules governing
CAs in current trusted CA lists. Currently, free certificates from Let's
Encrypt should still work for Russian sites.
 
[Neely]
The current sanctions prevent certificate renewals with certificate issuers
outside Russia and vetting a new issuer for inclusion in browsers is a
lengthy process unlikely to commence until those sanctions are lifted. If
you must interact with a site that uses these certificates e.g. Sherbank,
VTB, or the Russian Central Bank, you will need to both verify you will
not run afoul of sanctions and either add the CA's public cert to your
browser or use the Russian browsers which already support it. Time will
tell where this goes.
 
Read more in:
- https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/