Go To Namecheap.com
Hero image of Google will soon distrust Entrust SSL certificates
Security & Privacy

Google will soon distrust Entrust SSL certificates

It’s no secret that SSL certificates are critical for website users to stay safe online. Major web browsers agree. So much so that unless a website is secured with an SSL trusted by that web browser, it will not load properly. 

So, trust is everything when it comes to SSL certificates. Recently, Entrust Certification Authority, a major player in SSL certificates lost that trust.

Google Chrome recently announced it will no longer trust SSL certificates by the Certificate Authority (CA) issued after November 11, 2024. This means that SSL certificates issued by Entrust will stop being recognized by Chrome browsers, effectively making them useless. 

Find out why Google made this decision and what you should do if you’re an Entrust customer.

Why Google chose to distrust Entrust

To understand Google’s decision, you must understand the role of CAs. CAs are the entities in charge of the issuance, revocation, and general maintenance of the SSL ecosystem. A big part of that is validating a website’s owner and vouching for each issued certificate with a cryptographic signature. 

Because of the authority CAs wield, trust is essential in maintaining SSL certificates across the web. To maintain this trust, CAs must fulfill the baseline requirements set out by the CA/Browser Forum, a group of SSL issuers and suppliers of Internet software that use SSL certificates. CAs must also follow the policies of individual web browsers, such as Google Chrome. 

In a blog post, Google explains how Entrust CA fell short of these expectations multiple times over the past few years. It points to multiple incident reports issued over the past few years that illustrate concerning behavior. Ultimately, Google has lost confidence in the CA’s “competence, reliability, and integrity as a publicly-trusted CA Owner.”

The impact of this decision

Chrome 127 and higher will no longer trust SSL certificates signed by Entrust Root certificates by default issued after November 11. This means if the certificate’s earliest signed certificate timestamp (SCT) is after November 11, it won’t be trusted by Google Chrome. 

SSL certificates validated by Entrust Roots with the earliest SCT on or before November 11 won’t be affected.

To avoid any impact on your website’s operations, if you have an Entrust certificate, you should switch SSL providers as soon as possible, especially if your current Entrust SSL is due to expire after November 11.

How to choose a reputable SSL CA

Don’t make snap decisions when purchasing an SSL certificate. Now that you know the importance of a reputable CA, you know the importance of researching a CA’s reputation before committing. Look for a proven track record of compliance with industry standards, cybersecurity, and reliability.

Don’t settle for less

Namecheap is partnered with Sectigo CA, one of the world’s leading commercial CAs that has been in the business for over two decades. Choosing an SSL certificate from Namecheap means premium security at an affordable price. 

Easily switch your SSL security to Namecheap today for guaranteed site protection you can trust.

Was this article helpful?
4
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Help us blog better

What would you like us to write more about?

Thank you for your help

We are working hard to bring your suggestions to life.

More articles like this
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Hero image of Securing APIs in cloud environmentsGoogle will soon distrust Entrust SSL certificates
Next Post

Securing APIs in cloud environments

Read More