If you know anything about SSL certificates, you’ll know that an SSL is only as reliable as its issuing Certificate Authority. The chain of trust plays a key role in the SSL ecosystem, and when a Certificate Authority breaks it for whatever reason, major web browsers will stop trusting their issued SSLs, rendering them useless.
Shortly, Chrome browsers will stop recognizing SSL certificates issued by Entrust Certification Authority. This will largely impact SSL certificates issued by the Certificate Authority (CA) after November 11, 2024.
What led to this decision
Google revealed the thought process behind its decision in a recent blog post. It begins by stating that its security team prioritizes the security and privacy of users above all else and will not compromise on those values. When deciding whether to include or keep a CA’s certificates in the Chrome Root Store, a CA must provide value to Chrome users that doesn’t put them at risk. Furthermore, when things go wrong, Google expects CA Owners to demonstrate a commitment to making things right.
According to the search engine giant, a series of incident reports the CA released over the past few years painted a pattern of concerning behaviors. Google says these behaviors have ultimately “eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner.”
What this decision means for Entrust customers
SSLs signed by Entrust Root certificates issued after November 11, 2024, will no longer be trusted by Chrome 127 and higher. So if a certificate’s earliest signed certificate timestamp (SCT) is after November 11, 2024, Google Chrome won’t recognize it, and your site won’t load in Chrome browsers.
If an SSL certificate signed by Entrust Roots has the earliest SCT on or before November 11, 2024, it won’t be affected.
If you have an Entrust SSL due to expire after November 11, 2024, you should switch to a new SSL provider as soon as possible to avoid any impact on your site.
Choose an SSL CA you can trust
Like with every purchase you make, especially online, research is key before making a decision. A reputable CA can make or break your SSL, so you need to ensure major web browsers trust a CA and that the CA has a proven track record of reliability and compliance with industry standards.
Buying an SSL from SSLs.com means getting an SSL issued by Sectigo CA, a leading commercial CA with over two decades in the industry. Not only are you getting a great SSL for less, but you’re also getting premium protection you can trust.
Switch to SSLs.com today for hassle-free SSL certificates at low prices.
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.