While the world is pushed—or forced—toward digitizing all business processes, workflows and functions, the lessons from the early days of the Internet can be a predictor of success. Learn how Digital Trust can make or break your strategy and how the wrong solution may be setting your organization up for failure in less than three years.
Enhancements and changes which are planned for release by mid-June 2018 will require your immediate attention or action, so please read this announcement.
For security and compliance best practices, we will update the Online Certificate Status Protocol (OCSP) and Certificate Revocation List (CRL) infrastructure for all certificates issued from our legacy hierarchies for the GeoTrust, RapidSSL, Symantec, and Thawte brands.
For certificates issued from our legacy hierarchies before 1 December 2017, domain hosts and website hosts must be able to access our OCSP and CRL servers. For more information, refer to these Knowledge Base articles as appropriate for your business:
For certificates issued on or after 1 December 2017, no action pertaining to this update is necessary. These certificates were issued from the DigiCert root CA and are unaffected by this update.
To modernize and streamline our code signing certificate offerings, we will update our code signing PKI hierarchy and begin integrating with DigiCert platforms. We intend to sign all new and reissue code signing certificates from the DigiCert hierarchy and infrastructure by mid-June 2018, regardless of the brand under which they’re sold. However, these changes will not impact existing code signing certificates nor the validity of signed files, whether timestamped or not.
These changes will apply to all code signing products listed below for the Symantec and Thawte brands:
For information on changes to the code signing PKI hierarchy, read our Website Security blog entry or see these links for more information.
We appreciate your partnership. If you have additional questions, contact support or your account manager.