Google’s proposal on SSL certificates issued before June 1, 2016

An update on the proposal from Google that could possibly affect SSL certificates issued before June 1, 2016 by Symantec, GeoTrust, Thawte or RapidSSL.

What has happened?

In March, Google submitted a proposal after investigating the potential mis-issuing of certain Symantec certificates.

In the following months, Symantec and the browser community continued debating the issue and the proposed changes to existing processes.

In June, Symantec posted a response to Google’s subCA Proposal, summarising what had happened and how they plan to move forward.

As it currently stands, the proposal states that in August 2017, Google’s Chrome browser (version 62) will gradually begin mistrusting SSL certificates issued before June 1, 2016 by Symantec, GeoTrust, Thawte and RapidSSL.

How could I be affected?

If the proposal is implemented, visitors accessing websites with these certificates via Chrome (version 62 onwards) may be presented with a warning message about the validity of the SSL certificate, resulting in a disruption to the operation of your business online.

This will not, however, affect users of other browsers, nor will it affect any certificates that are not public facing and are used for a purely internal installation.

What can I do to minimise disruption?

Log in to your MySSL® account to check if you have any certificates that require action.

Navigate to ‘My SSL Certificates’ and then ‘Requires Re-Issue’ on the left-hand navigation menu.

You will then be presented with a list of certificates that require your attention, or a message informing you that no certificates need your attention.

If you have certificates that require action, we recommend getting in touch with your Account Manager as soon as possible to discuss the best solution for this situation.

Alternatively, follow this guide on how to re-issue certificates via your MySSL® account

As a multi-brand reseller, we offer you the added value of choosing from a range of SSL certificate brands, while maintaining your existing relationship and tailored service and support with SSL247®.

    +1 855 207 2255

Read our updated blog post: Chrome extends deadlines while DigiCert plans Symantec Web Security acquisition

Links to additional information:

  1. Google's Initial Proposal
  2. Browser Community Discussion
  3. Symantec’s June Response

Share this:

Posted on Thursday 20 July 2017 by Wesley Hall

Return to blog

Send us your comments

Your comment will not be published. If you have a question, do not forget to write your email address so that we can get back to you!