Act Fast if Your Site Uses Certs from Symantec, Thawte, VeriSign, Equifax, GeoTrust or RapidSSL


In another issue, We’ve recommended that you should be running HTTPS, to protect your visitor’s interactions with you, and also to improve your ranking in Google search.  That’s still good advice.  However, HTTPS introduces some other complexities. One of them is the need to rely on a third party to issue the certificate that’s essential to running HTTPS on your site.  And what if that third party messes up?  We’re now learning what happens!

There have been multiple incidents of Symantec not following accepted industry procedures in the issuance of certificates.  Symantec is one of the largest issuers of certificates, so it tool a company the size of Google to stand up to them.  Symantec and other brands they own, listed in the title above, have been judged by Google to be not completely reliable.  So Google has established a time frame for ending Chrome’s support for these certificates.

What are the consequences of continuing to use these certificates as Google ends support for them?  Your visitors will see a security alert like the one at the top of the page.  That’s not what you want them to see!

There’s a good discussion of this issue in the WordFence blog, along with links to find the time-tables for nonrecognition of various certificates.

The Bottom Line

Check to see whether your site is using a certificate from Symantec or a Symantec company. If it is, make a change now.  If you’re using Dave’s Super Hosting Service, don’t worry, we don’t use Symantec certificates.

It's only fair to share...Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on print