Firefox to distrust all TLS certificates issued by Symantec

By Chris Dawson August 3, 2018 - 5:55 pm

From October the 23rd 2018, the Firefox browser will distrust any TLS certificates issued by Symantec (or a parter company), regardless of when it was issued. Firefox 60 (the current release) already displays an “untrusted connection” error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate.

Symantec were a bit naughty and allowed a few companies to issue their certificates that didn’t comply with industry standard guidelines. To wipe the slate clean, browsers will simply stop trusting certificates issued by Symantec along with those from various brands such as Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL. Like Firefox, Google Chrome already distrust pre June 1, 2016 certificates and will distrust all Symantec certificates from the 16th October 2018.

In early March roughly 1% of websites were broken in Firefox 60 due to the change described above. Just before the release of Firefox 60 on May 9, 2018, less than 0.15% of websites were impacted – a major improvement in just a few months’ time. Still today, 3.5% of the top 1 million websites are using Symantec certificates that will be distrusted by October.

“We strongly encourage website operators to replace any remaining Symantec TLS certificates immediately to avoid impacting their users as these certificates become distrusted in Firefox Nightly and Beta over the next few months.”
– Firefox

When we last wrote about this issue, eBay and Amazon, the two biggest marketplaces in the UK both had security certificates issued by Symantec Corporation. Amazon upgraded to a DigiCert Inc certificate on the 28th of March with eBay also upgrading to a DigiCert Inc certificate on the 9th of July this year.

  • whitehat
    4 months ago still uses a legacy cert … doesn’t seem like an important endpoint lol

Tamebay Guide

Welcome to our Tamebay Guide. Companies listed in the directory represent the leading suppliers in the UK and Europe.
Amazon started as online book store and has grown to be the worlds
Whether you are buying new or used, plain or luxurious, commonplace

Recent Comments

17 mins ago
David Brackin: I just bought a book for my Dad from Amazon with Prime delivery and the...
33 mins ago
Mark: I have recently started using the newly launched BUUY app thats fine....
7 hours ago
Andrew Minalto: LOL Good one! :-)...
7 hours ago
Andrew Minalto: As a 3rd party seller on Amazon, I'm not worried AT ALL about Amazon's own...