Chrome and Firefox Set to Distrust Symantec SSL Certificates

Perspective / Oct 9, 2018
Kevin - Lucca Alla Moda
by Kevin Lucca Founder

Last year, Symantec, a provider of SSL Certificates was caught allowing questionable companies the ability to issue their own certificates under the Symantec name. SSL certificates are issued by trustworthy certificate providers in an effort to make the internet a more secure place. Once the news broke, it raised the attention of major internet players including Google, Firefox and Microsoft. After it was determined that the breach was too large to ignore or single out certain certificate issuers, a decision was made to simply distrust all of Symantec. Including its sub-brands SSL certificates issued within a certain timeframe.

Symantec’s reaction to the public outcry was to sell its entire SSL certificate business. The Utah based company, DigiCert, purchased Symantec’s SSL business and has been working to restore trust since.

Google’s Chrome browser is the most popular web browser on the internet. With Google’s decision to make it’s browser no longer trust Symantec issued certificates, it is putting more pressure on website owners to act quickly. SSL certificates are now expected by visitors, especially those on an eCommerce website were sensitive financial information is exchanged. Website owners that do not act in time could see an effect on their sales and trustworthiness. Their website will display as “Not Secure” in Chrome and Firefox.

Which Certificates Are Affected?

SSL certificates issued by Symantec, Thawte, GeoTrust, and RapidSSL before December 2017 will be affected by the October 2018 releases of Chrome 70 and Firefox 63.

What Can I Do?

To know if your website’s SSL certificate is affected, you can test using the link below.

https://www.websecurity.symantec.com/support/ssl-checker

If your website does have an SSL certificate that needs to be replaced, the team here at LuccaAM can assist you or you can request a new certificate from DigiCert.