This website uses cookies to ensure you get the best experience on our website. More info
Got it! Accept

Your Internet Ally

Details
Category: Useful News

Some months ago, after Google's checks, Goolge found that some certificates issued by Symantec had not been properly validated. So Google decided to withdraw the trust of Chrome in all certificates issued by Symantec.

But what is the situation today? Following the communication of the two companies, Google and Symantec, the solution was to transfer Symantec's certificate validation to a third issuing authority. After third-party certificates are released, Google's browser, Chrome, will continue to trust Symantec's certificates. The agreement was then announced to acquire Symantec web security from DigiCert. After this acquisition, DigiCert will also be responsible for validating all Symantec certificates from December 1, 2017.

According to the agreement, Google has announced how Chrome will handle certificates already issued by Symantec and before they are issued by the DigiCert validation authority. Because some things have been misinterpreted and there are incomplete information below, we will see what things are what we need to know.

All Symantec (Symantec, GeoTrust, Thawte, and RapidSSL) SSL certificates from December 1 of 2017 will be issued by DigiCert's validation platform and will be trusted for Chrome. This does not mean that Symantec's brands will cease to exist, they will normally be issued but will be issued by a different, upgraded validation platform. Certificates issued after December 1st of 2017 are trusted by Google.

The question that arise now is about what's going on with the certificates that were issued earlier. They distinguish between those issued before June 1 of 2016 and those issued thereafter. Below we will see what applies to both categories.

 Certificates issued before 1 June 2016
Certificates belonging to this category will not be considered trustworthy by Chrome after 15 March 2018. To keep your site trusted, the certificate should be replaced. See what to look out for:

  • If the certificate expires before 15 March 2018 you do not need to do anything. The certificate will continue to be trustworthy from Chrome until it expires.
  • If the certificate expires after 15 March 2018, but before 13 September 2018 you can issue this certificate again at any time before 15 March 2018.
  • If the certificate expires after 13 September 2018 you will need to issue the certificate again before 15 March 2018.

 Certificates issued after 1 June 2016
Certificates belonging to this category will not be trusted for Chrome after 13 September 2018. See what to look out for:

  • If the certificate expires before 13 September 2018, you do not need to do anything. The certificate will continue to be trustworthy from Chrome until it expires./li>
  • If the certificate expires after 13 September 2018, you will need to issue the certificate again before 13 September 2018.
  • If you purchased a certificate after 1 December 2017, the Chrome browser will trust this certificate. You will not be asked to reissue.

The same policy as Chrome was followed by Firefox. Below are the dates to look out for:

  • January 2018 (Firefox 58): There will be an update to the developer console, to which you will refer to the Symantec certificates issued before June 1, 2016 so that website owners can take the necessary action.
  • May 2018 (Firefox 60): The new browser version will show an unreliable connection error for Symantec certificates issued before June 1, 2016.
  • October 2018 (Firefox 63): It will not trust any Symantec certificate issued before December 1, 2016, and corresponding end-user predictions will appear.

Using Symantec security certificates is safe and you can buy them. However, you should take note of the above dates if you have already purchased one at these times. If your certificate has been purchased for a period of 1 year, it may not take any action on your part. The re-issue of the certificates will be free of charge. No longer issued certificates for longer than 2 years by any certification company. This was done because it was decided on February 20, 2018 to stop certification over 2 years from all authorities of certification and SSL certificates.

Choose an SSL certificate from innoview.gr!

Sources:
https://security.googleblog.com/2015/10/sustaining-digital-certificate-security.html
https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
https://wiki.mozilla.org/CA:Symantec_Issues