Description
Selected Chinese certificate authorities can be marked as untrusted to reduce trust in those roots. It is useful for administrators who want a stricter local certificate policy than the default trust store provides.
This is certificate policy data, not an app. Changing trusted roots can break HTTPS, package downloads, VPNs, enterprise portals, or other secure connections, so deploy it only after testing the sites and services your users need.