Affecting Symantec certificates issued before June 2016 are now distrusted

Published: | Categories: Privacy & Security


Firefox 60 shipping on May 9 will distrust TLS server certificates issued by Symantec prior to June 1, 2016, which have been announced as deprecated since Firefox 58. Google Chrome 66 shipping on April 17 is going to make the same change. All the Symantec brands including GeoTrust, RapidSSL, Thawte and Verisign will be affected by the multi-vendor distrust actions due to a number of CA practice issues.

To avoid unwanted Insecure Connection error pages, webmasters using any Symantec-issued certificate, particularly on this top site list, have to replace it with a new one or obtain an alternative certificate from other CA as soon as possible. We recommend Let’s Encrypt that offers trusted certificates for free.

Firefox 63 and Chrome 70, both shipping in October, will distrust all Symantec certificates regardless of the issue date.