SSLs, as described in category (11) of the Annex to GL D-2 encompass “provisioning and verification software for Secure Socket Layer (SSL) certificates designated EAR99 or classified under ECCN 5D992.c, and services necessary for the operation of such software.” Additional provisioning and verification software not subject to the EAR may be included under GL D-2’s authorization for, in relevant part, software not subject to the EAR that is exported or reexported, directly or indirectly, by a U.S. person located outside the United States, that is of a type described in the Annex to GL D-2, provided that it would be eligible for classification under an ECCN listed in the Annex (ECCN 5D992.c), or designated as EAR99, if it were subject to the EAR.
Date Updated: January 11, 2023