Google’s Distrust of Symantec Certificates
If your website has an SSL certificate, [starts with https://] then you need to be aware of the changes Google are making which could impact you.
Within the last year, Google Chrome has devised a strategy to distance themselves away from Symantec certificates due to the security company’s inadequate security oversights. In the meantime, Symantec plans to revise and redesign their current infrastructure to appease the desired modern standards.
Symantec Corporation’s PKI [public key infrastructure – which has the ability to create, store, or destroy digital certificates] owns many different website authentication certificate providers, and it is some of these certificates which were inappropriately issued that have come to the foreground of Google Chrome and other PKI providers concerns. Some of Symantec’s certificate issuers include GeoTrust and RapidSSL, and so if you have a certificate from these companies, it would be recommended for you to replace your certificate soon.
What exactly is a certificate, you may be asking? The SSL certificate provides a layer of security between your own server and visitors which may be browsing your site. More importantly, any data exchanged between the two parties will be more protected and secure than websites using a mere HTTPS system. So when Symantec’s certificate providers are issuing inadequate certificates which do not reach required standards, many website owners and businesses are at risk, as their website is not as secure as they thought it was.
If your website has a certificate provided by Symantec which was issued before June 1, 2016, it is recommended that you receive a new certificate by a Chrome approved provider. And finally, by the time Chrome 70 will be released in late October in 2018, Chrome will fully dissociate from Symantec’s infrastructure and all the certificates that the company has issued.
To all of our clients to whom we have provided SSL’s with, rest assured as the certificates we have provided are not affected by this issue.
If you have a Symantec issued certificate and require assistance in replacing it, email us at [email protected] and we’ll be in touch with you soon.