Security Market Segment LS
Tuesday, 18 September 2018 11:54

Chrome, Firefox will not trust Symantec SSL certs from next release Featured


In what is sure to cause concern at the the top levels of one of the leading security software vendors, upcoming releases of the two more popular Web browsers, Chrome and Firefox, will no longer trust Symantec SSL certificates.

A browser will check the validity of a SSL certificate in order to confirm the validity of the website being loaded. This is done by validating a chain of trust. Certificate Authorities will guarantee the certificates they issue, along with the bona fides of any secondary issuing authority that is operating under their umbrella. A very rigorous process is needed to validate any entity that wishes to obtain a certificate.

In 2016, users became aware that Symantec (and their supported issuers) was issuing certificates in contravention of the established guidelines and posted their finding to a Mozilla security mailing list. After considerable discussion among the other CAs, a decision was made to distrust Symantec and to remove it as a CA.

The final announcement to distrust Symantec certificates was made in late 2017 and all Symantec certificate holders were given a year to replace their SSL certificates with one from an issuer who was trusted. The "distrust" also applies to certificates from Thawte, Geotrust and RapidSSL, all of which used Symantec as a central authority.

Mozilla Firefox and Chrome will start rejecting any affected certificates from their next releases in October. Apple's Safari browser has already started a partial distrust and will finalise this process later in 2018.

Digicert has acquired the Symantec CA and has been re-issuing certificates without charge. Anyone who has already begun this process, need to take no further action as the replacement certificate will be trusted by all browsers.

According to Mozilla, about 3.5% of the top one million websites are still secured with certificates that will no longer be trusted, despite extensive warnings. If anyone has access to Firefox Nightly or Chrome Canary, the standard "Invalid Certificate" warning will most likely be seen, rather than the actual website.

iTWire has been unable to find an official statement from Microsoft about its position on this issue and whether IE and Edge will continue to support Symantec certificates after their distruxt by Firefox and Chrome.

Read 4323 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News