As we have informed you earlier, Google’s next step for the Chrome browser to distrust Symantec-branded certificates is coming on the 13th of September 2018.
- September 13, 2018 (Beta), October 23, 2018 (Stable, the vast majority of Chrome users)
- Chrome 70 will distrust all Symantec-brand certificates which were issued before the 1st of December 2017.
- Finish replacing all SSL certificates issued from Symantec’s old infrastructure using any trusted CA or from Symantec’s new partnership.
- Failure to install a new certificate will show visitors using Chrome 70 a warning that the website is not trusted.
If you manage Symantec/DigiCert certificates (or any of its brands – RapidSSL, Thawte, or GeoTrust) issued before the 1st of December 2017, you are going to need to replace your certificates at some point. Below you can find who is affected, why it’s important, and a detailed roadmap with dates.
Why is it important?
The Chrome browser is used by about 60% of internet users, and a website with a distrusted certificate risks losing a large portion of its audience. Anyone trying to visit a site which has a distrusted certificate will see a “Not Secure” warning in the address bar:
Who is affected?
If you are a current user of Symantec certificates issued before the 1st December 2017, this could affect you. On the 20th July we sent e-mails to the affected resellers with a list of the certificates which will need to be reissued. You can also find the list of certificates in your SSL Panel in the Notifications block.
Before the 13th of September, you should reissue all affected certificates and reinstall them. Reissue requests for all affected certificates will be performed at no charge from Symantec or Openprovider. These certificates will maintain their original expiration dates.