Browser Exclusions
As member of the CAcert community, you are interested in the InclusionStatus and to know in which browser CAcert's certificates are included.
There are not only difficulties too get CAcert into the browsers, but even CA that were in the browsers are now excluded from them.
2018
StartCom
As the browser makers distrusted StartCom around a year ago and therefore all the end entity certificates newly issued by StartCom are not trusted by default in browsers. While StartCom believes that the browser's conditions have been met, it appears there are still certain difficulties forthcoming. Considering this situation, the owners of StartCom have decided to terminate the company as a Certification Authority and StartCom will stop issuing new certificates starting from January 1st, 2018.
2017
Symantec
On March 24, 2017, Google had lost confidence in Symantec. It says millions of existing Symantec certificates will become untrusted in Google Chrome over the next 12 months. Google said Symantec failed to comply with industry standards and could not provide audits showing the necessary documentation.
2015
CNNIC
CNNIC violated their certificate practice statement and failed to properly oversee the practices of their subordinate certificate authorities. CNNIC is distrusted by browsers.
WoSign
WoSign was allowing unprivileged TCP ports (1024 and above) to be used for domain control validation. Since non-administrative users are typically allowed to accept connections on unprivileged TCP ports, this allowed users to obtain certificates for domains they did not administer. WoSign was also allowing control of a sub-domain to be used to prove control of a base domain. Initially, WoSign announces that all certificates they issue will be logged to Certificate Transparency logs, but they are ultimately distrusted by all major platforms due to their malfeasance.
2011
DigiNotar
After more than 500 fake DigiNotar certificates were found, major web browser makers reacted by blacklisting all DigiNotar certificates on or around August 29, 2011.
Digicert Sdn. Bhd
Digicert Sdn. Bhd, a Malaysian-based certification authority issued certificates with weak keys and had its trust revoked by web browsers in November 2011.