paint-brush
Google distrust of Symantec SSL certificates. Why is it important?by@FedakV
3,397 reads
3,397 reads

Google distrust of Symantec SSL certificates. Why is it important?

by Vladimir Fedak
Vladimir Fedak HackerNoon profile picture

Vladimir Fedak

@FedakV

CEO

April 16th, 2018
Read on Terminal Reader
Read this story in a terminal
Print this story
Read this story w/o Javascript
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

As soon as in Google 66, which is scheduled to be released on April 17, 2018, Google plans to distrust all Symantec-issued SSL certificates issued prior to June 1, 2016. What should be done about this?

Company Mentioned

Mention Thumbnail
Google
featured image - Google distrust of Symantec SSL certificates. Why is it important?
Vladimir Fedak HackerNoon profile picture
Vladimir Fedak

Vladimir Fedak

@FedakV

CEO

As soon as in Google 66, which is scheduled to be released on April 17, 2018, Google plans to distrust all Symantec-issued SSL certificates issued prior to June 1, 2016. What should be done about this?

image

As it turns out, Symantec SSL certificates do not comply with the industry-standard guidelines. In addition, Symantec had delegated the right to issue its certificates to several organizations (namely Thawte, GlobalSign, GeoTrust, RapidSSL, and Equifax) that did not do the necessary background checks of certain shadowy SSL applicants. In its post from September 11, 2017, Google announces the plan to distrust all Symantec SSL certificates by October 23, 2018.

This 13 month-long grace period was given to allow Symantec to do some internal cleanup, rebuild their infrastructure and deal with the compliance issues. In an response post by Symantec, the corporation agreed to the proposed terms, announced the schedule for the SSL Certificate replacement and provided instructions for its customers on how to deal with the situation.

image

Source — Symantec.com.

What does this mean for the common Internet users? You have to check if your website is affected by Google distrust. This can be done pretty easily:

  • Press F12 on the page of your website to inspect the HTML code.
  • If you have a faulty certificate, the warning will be displayed.
  • If you encounter such a warning, simply replace the faulty certificates with the ones issued by credible Certificate Authorities without any further penalties for you from Google.

image

This means the shadowy businesses will most likely not get their certificates reviewed, while the legitimate business owners have nothing to worry about.

As Chrome 66 is supposed to be released on April 17, 2018, you still have some time to replace the certificate, yet the time is running out. Once Chrome 70 is released around October 23, 2018, any Symantec SSL certificates issued from the previous infrastructure will become invalid. Make sure you are on the safe side!

Initially, this story was posted on my company’s blog — https://itsvit.com/blog/google-distrust-symantec-ssl-certificates-important/

L O A D I N G
. . . comments & more!

About Author

Vladimir Fedak HackerNoon profile picture
Vladimir Fedak@FedakV
CEO

TOPICS

THIS ARTICLE WAS FEATURED IN...

Permanent on Arweave
Read on Terminal Reader
Read this story in a terminal
 Terminal
Read this story w/o Javascript
Read this story w/o Javascript
 Lite
Co
Ewikibg
Wikihuhu
Explained
Upwikipl
Wikislv
Bye
Casplantje
Acompany
Drjack
Rotaryforum
Dewiki
Announcements
Accurate
Bye
Appsonly
Quero
Evna
Beam
Justapedia

Mentioned in this story

companies