I was setting up an OpenVPN server a while ago. To remove the browser warning on its WebGUI, I used a free certificate from StartSSL because it's more straightforward than Let's Encrypt. As I was setting up the certificate though, I encountered a couple of articles warning the community about StartSSL. You can read more about it here.
Since WoSign and StartCom are no longer trustworthy, I manually removed them from my browsers:
At least the chance of being snooped upon by Chinese state hackers is slightly lessened now.