Google’s Chrome browser will stop trusting certificates issued by Entrust, a certificate authority (CA), starting November 1, 2024. This decision stems from repeated compliance failures and a lack of improvement on security issues by Entrust over the past few years. CAs play a vital role in online security by verifying website identities and enabling encrypted connections. Google has lost confidence in Entrust’s ability to uphold these critical tasks.
What Websites Will Be Affected?
Any website using a security certificate issued by Entrust after November 1, 2024, will be flagged as untrusted in Chrome. This potentially includes major corporations like Chase Bank, Dell, and Mastercard. Websites with existing Entrust certificates before the deadline are okay until they expire, but they should switch to a different CA beforehand to avoid disruptions.
What Will Users See?
Chrome users encountering an affected website will see a warning indicating an insecure connection. This warning could discourage users from trusting the website.
What Should Website Owners Do?
Website owners that rely on Entrust certificates should obtain and install new certificates from a trusted CA included in Chrome’s Root Store as soon as possible. They can utilize the Chrome Certificate Viewer to verify if their certificates are affected.
Is This Permanent?
There’s a possibility that Chrome might trust Entrust certificates again in the future. However, Entrust needs to demonstrate a strong commitment to improving its security practices and addressing past shortcomings.
Key Dates:
- November 1, 2024: Chrome starts blocking untrusted Entrust certificates (issued after this date).
- Before October 31, 2024: Website owners with expiring Entrust certificates should obtain replacements from a different CA to avoid disruptions. Get more updates on wikitechleaks
