Your certs issued before June 1st 2016 may be impacted due to a loss in trust between Google and DigiCert Symantec
Your certs issued before June 1st 2016 may be impacted due to a loss in trust between Google and DigiCert Symantec.
SSL247® would like to update you on a proposal from Google that could affect your SSL certificate(s) issued before June 1st 2016 by Symantec, GeoTrust, Thawte or RapidSSL.
What has happened?
In March, Google submitted a proposal after investigating the potential mis-issuing of certain Symantec certificates (more precision).
In the following months, Symantec and the browser community continued debating the issue and the proposed changes to existing processes (more precision).
In June, Symantec posted a response to Google’s subCA Proposal, summarising what had happened and how they plan to move forward (more precision).
Google’s last proposal states that from 15th March 2018, Google’s Chrome browser will gradually begin mistrusting SSL certificates issued before June 1st 2016 by Symantec, GeoTrust, Thawte and RapidSSL.
How could I be affected?
If you go on with your affected certificates, visitors accessing your website via Chrome (version 62 onwards) may be presented with a warning message about the validity of the SSL certificate, resulting in a disruption to the operation of your business online.
This will not, however, affect users of other browsers yet, nor will it affect any certificates that are not public facing and are used for a purely internal installation.
What can I do to minimise disruption?
DigiCert Symantec has suggested that action be taken before March 1st 2018 in order to minimise disruption.
SSL247 recommends that you log in to your MySSL to see any affected certificates and actions to take.
Please get in touch as soon as you can to pre-empt any disruptions to your online business continuity.
Send us your comments
Your comment will not be published. If you have a question, do not forget to write your email address so that we can get back to you!