Google May Show Alert On Your Website After March 15, 2018

Digicert finishes acquisition of Symantec's SSL and related PKI solution business. Now the browser community distrusts Symantec SSL certificates and after 15th March 2018, your website with Symantec SSL will be shown as "Not Secure". Learn What should be your next step during this course of transition.

On August 2, 2017, the world’s leading cyber security company, Symantec Corp., along with the leading provider of scalable identity and encryption solutions for enterprise, Digicert Inc., announced that Digicert will acquire Symantec’s Website Security and other PKI solutions.

Since then Digicert has been trying hard to migrate the existing Symantec customers to their own PKI. But not long after the announcement, the browser community came out with a harsh decision to distrust Symantec SSL Certificates. Google has been working hard to make the internet safe for all by pushing constant Chrome updates. Google introduced the Chrome 68 update according to which they have made a clear deadline of July 2018, after which all websites without an SSL Certificate will be marked as “not secured”.

After the release of Google Chrome 66 to canary and developer channels, users of these channels using affected sites will be impacted. If these affected websites fail to replace these Symantec SSLs by 15 March 2018, then Chrome beta users will begin experiencing failure. To avoid such a  situation it is it recommended you replace your Symantec SSL Certificate with the new Digicert SSL.

Websites using SSL of Geotrust, Thawte, and Rapidssl will also be affected by this update. Let us have a glimpse at how your website will look after this update. See the below image.

 

Not a good site thought for a potential customer visiting your website. You can check your website status by using this SSL Checker tool.

What to do in this situation?

  1. Make a list of affected SSL Certificates.
  2. Generate a CSR for the respective server using a CSR generator.
  3. Get your SSL reissued with respect to new ly-generated CSR from your SSL Certificate provider.
  4. After the Certificate is issued, install it on your web server*.

PS - Step 4 may be a bit tricky for some. You can get help from your existing SSL provider or try reaching out to a free source like sslshopper.com and ssllabs.com for free SSL Tools and ssl.support for free SSL installation support. They can help you with the installation and solve the errors absolutely at no cost.

Conclusion 

Who would like to see a "Not Secure" message on one's website? Obviously no one! And if your website is the entry point for your customers then it becomes mandatory to reissue the SSL immediately.