Google’s proposal on SSL certificates issued before June 1, 2016

An update on the proposal from Google that could possibly affect SSL certificates issued before June 1, 2016 by Symantec, GeoTrust, Thawte or RapidSSL.

What has happened?

In March, Google submitted a proposal after investigating the potential mis-issuing of certain Symantec certificates.

In the following months, Symantec and the browser community continued debating the issue and the proposed changes to existing processes.

In June, Symantec posted a response to Google’s subCA Proposal, summarising what had happened and how they plan to move forward.

As it currently stands, the proposal states that in August 2017, Google’s Chrome browser (version 62) will gradually begin mistrusting SSL certificates issued before June 1, 2016 by Symantec, GeoTrust, Thawte and RapidSSL.

How could I be affected?

If the proposal is implemented, visitors accessing websites with these certificates via Chrome (version 62 onwards) may be presented with a warning message about the validity of the SSL certificate, resulting in a disruption to the operation of your business online.

This will not, however, affect users of other browsers, nor will it affect any certificates that are not public facing and are used for a purely internal installation.

What can I do to minimise disruption?

Log in to your MySSL® account to check if you have any certificates that require action.

Navigate to ‘My SSL Certificates’ and then ‘Requires Re-Issue’ on the left-hand navigation menu.

You will then be presented with a list of certificates that require your attention, or a message informing you that no certificates need your attention.

If you have certificates that require action, we recommend getting in touch with your Account Manager as soon as possible to discuss the best solution for this situation.

Alternatively, follow this guide on how to re-issue certificates via your MySSL® account

As a multi-brand reseller, we offer you the added value of choosing from a range of SSL certificate brands, while maintaining your existing relationship and tailored service and support with SSL247®.

    914 142 288

Read our updated blog post: Chrome extends deadlines while DigiCert plans Symantec Web Security acquisition

Links to additional information:

  1. Google's Initial Proposal
  2. Browser Community Discussion
  3. Symantec’s June Response

Compartilhe isto:

Posted on Thursday 20 July 2017 by Wesley Hall

Voltar ao blog

Mande-nos seus comentários

Seu comentário não será publicado. Se tiver alguma pergunta, não esqueça de informar seu enderêço de email para que possamos contacta-lo.