In 2017, Google announced the plan to distrust the SSL/TLS certificates of Symantec and its subsidiary Certificate Authorities (CA’s), including GeoTrust, RapidSSL, and Thawte in the Google Chrome browser.
The plan will be executed in phases, with the first phase beginning in March 2018 with the release of the latest Chrome update (Chrome 66). The second phase is planned to take place in October 2018, with the release of the Chrome 70 update. In order for the secure (https) website to be trusted by the Chrome browser following these changes, publishers will need to reissue/replace their SSL certificates from DigiCert’s infrastructure before these deadlines.
Q: How do I know if I need to have my SSL certificate re-issued?
A: If your certificate was issued before June 1, 2016, you’d need to reissue/replace your certificate before March 15, 2018. If your certificate was issued after June 1, 2016, and before December 1, 2017, you’ll need to reissue/replace your certificate before September 13, 2018. If your issuance date is after December 1, 2017, you don’t need to reissue your certificate.
Q: Do I need to pay anything for the reissue of the certificate?
A: The re-issue of your SSL certificates should be free
Q: I issued a certificate from GeoTrust/RapidSSL/Thawte. Am I eligible for the reissuance?
A: You should be eligible. To check your eligibility, please click on Symantec SSL Certificate checking tool to confirm.
Q: Do I need to undergo the vetting process if I have OV/EV certificate?
A: Yes, DigiCert as the new issuer will need to verify your details.
If you have any questions, join the discussion in the Community here.