As you might have heard over the media, Google is planning to distrust older SSL certificates from Symantec Group. Background: Google caught Symantec on issuing certificates for google.com without permission.

Affected SSL customers should therefore have their SSL certificate renewed in order to stay trusted by future Google Chrome versions. The effective timeline depends on the age of your SSL certificate.


TIMELINE

As per 01. Dec 2017 ...
... SYMANTEC is required to implement their new PKI-Infrastructure. Customers with SYMANTEC/RapidSSL/GeoTrust certificates can renew their certificate based on the new PKI infrastructure. Of course InterSSL will inform all affected customers upfront.

As per 15. Mar 2018 ...
... starting this day, Google Chrome (beta) will distrust Symantec/RapidSSL/GeoTrust certificates that have been issued before 1st June 2016. Solution: Re-issue your certificate (we recommend doing so AFTER December 1st 2017 so that you already obtain a SSL from the new Symantec infrastructure!)

As per 13. Sep 2018 ...
... Google Chrome (beta) will only accept SYMANTEC/RapidSSL/GeoTrust certificates that have been issued by the new SYMANTEC infrastructure (effective 1st Dec 2017). 

Bottom Line:
Affected customers should renew their SYMANTEC/RapidSSL/GeoTrust SSL certificates between 1st Dec 2017 and 15th Mar 2018 in order to be on the safe side.


Please find further details at Google: https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html



Wednesday, September 13, 2017

« Back