Companies get around ssl issues by minting their own root CAs and configuring their workstations to trust them. China has no (technical) way of forcing you to trust their root CA
That might be true, but "install our root CA or you can't access websites" would get most people to do it.
Companies get around ssl issues by minting their own root CAs and configuring their workstations to trust them. China has no (technical) way of forcing you to trust their root CA