I was setting up an
OpenVPN server a while ago. To remove the browser warning on its WebGUI, I used a free certificate from StartSSL because it's more straightforward than
Let's Encrypt. As I was setting up the certificate though, I encountered a couple of articles warning the community about
StartSSL. You can read more about it
here.
Since WoSign and StartCom are no longer trustworthy, I manually removed them from my browsers:
At least the chance of being snooped upon by Chinese state hackers is slightly lessened now.