Deadline approaches for changeover of certain SSL certificates
PSA: Replace Your SSL/TLS Certs by Symantec, Thawte, VeriSign, Equifax, GeoTrust and RapidSSL
Posted March 13, 2018
NOTE: While this information may seem a bit technical if you have a webmaster handling your website for you, you might contact them to be sure your site doesn’t fall under this category, so you won’t lose the use of it for folks who use the Chrome browser (and there are many!).
This is a public service announcement and a reminder to site owners. Google’s Chrome browser has already started the process of ending support for Symantec SSL/TLS certificates. This includes companies owned by Symantec including Thawte, Verisign, Equifax, GeoTrust and RapidSSL.
Chrome 66 is ending support for Symantec certificates issued before June 1, 2016 on the following schedule:
- The ‘Canary’ release already ended support for these certificates. It was released on January 20th, 2018.
- The Beta release for Chrome 66 will be released on March 15th.
- The Stable release for Chrome 66 will be released on April 17th.
If you are running a Symantec certificate issued before June 1, 2016, and you do not replace that certificate, then from April 17th onwards this is what your site will look like to site visitors:
Starting with Google Chrome version 70, all remaining Symantec certificates will stop working, including those issued after June 1, 2016. Chrome 70’s release schedule for Canary, Beta and Stable is July 20th, September 13th and October 16th respectively.
To check if your certificate will be affected by this change, you can visit this page and enter your website’s hostname in the form provided: https://www.websecurity.symantec.com/support/ssl-checker.
If your site will have an issue, the page should give you a warning. Make sure you just enter the hostname and remove the https:// prefix and the ending slash.
An alternative way to check if your website will have a problem is to download Chrome’s bleeding edge ‘canary’ version and visit your website. Then check the DevTools in Chrome for any warning message regarding your SSL/TLS certificate.
You can find more info on the official Google Security Blog.
Please help spread the word so that site owners are not caught by surprise when this change goes live next month .
This Public Service Announcement was put out by Wordfence, the most downloaded security plugin for WordPress websites. More information about them here: https://www.wordfence.com/