Google to Distrust all Symantec SSL Certificates

By Gordon Smith

Symantec certificates account for around one third of all the web's certificates and it's the largest issuer in the world. So this is very big news.

A large number of our customers and customers of most other digital marketing agencies will be impacted by this.

What will be the impact?

It will mean that very many websites which are currently encrypted will no longer be trusted by the Google Chrome web browser family. Chrome will issue security warnings when you visit a website encrypted with such a certificate.

What is SSL, again?

It's a way of encrypting data as it flows between a web user and the service they're using. It keeps things secret. It's especially important when sending data such as personal information across the web via web forms. Here's a primer on what SSL is and how it can help with SEO.

Why is Google doing this?

Google says that Symantec have issued certificates improperly. They have not carried out the necessary background checks on applicants for certificates. This has meant that a small number of certificates issued by Symantec are definitely not trustworthy.

Since some certificates have been improperly issued, and Google has no way of determining which are trustworthy and which are not, Google is assuming that all certificates issued by Symantec cannot be trusted.

Yes, it's a sledgehammer to crack a nut perhaps, but how are Google meant to determine which certificates are not trustworthy? What will Symantec do about this?  

Member of Kingston Chamber of Commerce
Winner, Kingston Business Excellence Awards 2018, Customer Service category
Finalist, Kingston Business Excellence Awards 2019