Official List of Trusted Root Certificates on Android

Similar to other platforms like Windows and macOS, Android maintains a system root store that is used to determine if a certificate issued by a particular Certificate Authority (CA) is trusted. As a developer, you may want to know what certificates are trusted on Android for compatibility, testing, and device security. Google maintains a list […]

Getting Ahead of Chrome 70 Distrust of Symantec-Issued Certificates

Today marks the planned release of Google Chrome 66 stable version and the culmination of the first major distrust event for Symantec root certificates in the world’s most used web browser. With the Chrome 66 stable release, Symantec, Thawte, GeoTrust, and RapidSSL certificates issued before June 1, 2016, and still in use will be greeted […]

Replace Your Symantec-Issued Certificates Ahead of Chrome 66 Beta (March 15)

Free replacement certificates are available—visit your existing Symantec, Thawte, GeoTrust, and RapidSSL portals. With the Google Chrome 66 beta release scheduled for March 15th—to be followed by the Chrome 66 stable version on April 17th of this year—we’re continuing to communicate with you, our customers, through multiple channels about how to replace affected Symantec-issued certificates […]

3-Year Certificates to Be Eliminated in Industry-Wide Change

Last year, Certificate Authorities and web browser vendors voted to get rid of three-year SSL certificates in the CA/B Forum, an industry body which sets standards for publicly trusted SSL certificates. That change will now take effect on March 1, 2018. After that date, the new maximum validity period for publicly trusted SSL certificates will […]

Security Advisory on Meltdown and Spectre

Last week, security researchers published two vulnerabilities—known as Meltdown and Spectre—which affect the majority of modern computers. Both of these vulnerabilities target low-level functionality of CPU chips, making it possible to read process- and kernel-level data. The technical explanation of these vulnerabilities can seem complex because it requires knowledge of CPU architecture. In simple terms, […]

How to Maintain Trust in Your Symantec-Issued Certificates

Jeremy Rowley, EVP of Product at DigiCert, answers common questions about how customers can maintain trust in their Symantec-issued certificates. With DigiCert’s acquisition of Symantec Website Security, there has been some misinformation in the market about how the browser timeline affects Symantec-issued certificates. After reading this, you will have a clear understanding of what the […]

CA/B Forum Votes to Shorten Certificate Lifetime Validity Periods: How It Impacts You

The CA/Browser Forum (CAB Forum) comprises the world’s leading CAs and browser vendors. The CAB Forum meetings and discussions attempt to build consensus on rules and guidelines about global digital certificate practices. One common topic is how to shorten certificate lifetimes. The goal is to accelerate security efforts and minimize the potential damage caused by […]

Page 1 of 3123