Firefox to distrust all TLS certificates issued by Symantec

By Chris Dawson August 3, 2018 - 5:55 pm

From October the 23rd 2018, the Firefox browser will distrust any TLS certificates issued by Symantec (or a parter company), regardless of when it was issued. Firefox 60 (the current release) already displays an “untrusted connection” error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate.

Symantec were a bit naughty and allowed a few companies to issue their certificates that didn’t comply with industry standard guidelines. To wipe the slate clean, browsers will simply stop trusting certificates issued by Symantec along with those from various brands such as Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL. Like Firefox, Google Chrome already distrust pre June 1, 2016 certificates and will distrust all Symantec certificates from the 16th October 2018.

In early March roughly 1% of websites were broken in Firefox 60 due to the change described above. Just before the release of Firefox 60 on May 9, 2018, less than 0.15% of websites were impacted – a major improvement in just a few months’ time. Still today, 3.5% of the top 1 million websites are using Symantec certificates that will be distrusted by October.

“We strongly encourage website operators to replace any remaining Symantec TLS certificates immediately to avoid impacting their users as these certificates become distrusted in Firefox Nightly and Beta over the next few months.”
– Firefox

When we last wrote about this issue, eBay and Amazon, the two biggest marketplaces in the UK both had security certificates issued by Symantec Corporation. Amazon upgraded to a DigiCert Inc certificate on the 28th of March with eBay also upgrading to a DigiCert Inc certificate on the 9th of July this year.

Have your say

View our Comment Policy

Tamebay Guide

Welcome to our Tamebay Guide. Companies listed in the directory represent the leading suppliers in the UK and Europe.
Amazon started as online book store and has grown to be the worlds
Whether you are buying new or used, plain or luxurious, commonplace

Recent Comments

1 hour ago
Andy: There is actually a strong counter argument to this. Amazon, for example,...
11 hours ago
Charles: I would 100% concur with that, they change their search logarithms constantly which destroys...
12 hours ago
Northumbrian: Parcel2go. Have an app called smartsend That integrates with ebay amazon etc using multiple couriers...
12 hours ago
Kwakagent: Decided after 15 years to stop using eBay to buy/sell. Gutted. It was my favourite...