All,
The Gmail Security team has updated the trusted root list for Gmail S/MIME as follows
CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE (expired)
SHA256 Thumbprint: 16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
CN=TrustAsia SMIME ECC Root CA,O=TrustAsia Technologies\, Inc.,C=CN
SHA256 Thumbprint: 436472c1009a325c54f1a5bbb5468a7baeeccbe05de5f099cb70d3fe41e13c16
CN=TrustAsia SMIME RSA Root CA,O=TrustAsia Technologies\, Inc.,C=CN
SHA256 Thumbprint: c7796beb62c101bb143d262a7c96a0c6168183223ef50d699632d86e03b8cc9b
SHA256 Thumbprint: 9a12c392bfe57891a0c545309d4d9fd567e480cb613d6342278b195c79a7931f
SHA256 Thumbprint: d02a0f994a868c66395f2e7a880df509bd0c29c96de16015a0fd501eda4f96a9
SHA256 Thumbprint: d9a32485a8cca85539cef12fffff711378a17851d73da2732ab4302d763bd62b
The new trusted root list will be taking effect in a few weeks. Upon that time, we will also update the CA certificates trusted by Gmail for S/MIME Help Center article.
Thank you
-Erhan, on behalf of the Gmail Security team