DigiCert works with its customers and partners to successfully move past Google’s distrust of Symantec TLS certificates

Recent Chrome 70 stable release marks final phase of Google Symantec root distrust, one year after DigiCert acquired Symantec Website Security

LEHI, Utah – (November 7, 2018)DigiCert, Inc., the world’s leading provider of TLS/SSL, PKI and IoT security solutions, has successfully executed a major transfer of online trust, marked by the recent stable release of Chrome 70 that signals the end of Google’s Symantec root distrust plan. In the year since acquiring Symantec’s Website Security and PKI businesses, DigiCert has managed a certificate replacement program leading to the wholesale exchange of Symantec CA infrastructure and replacing nearly 5 million certificates.

Over the last year, DigiCert has helped companies affected by the distrust action by replacing impacted certificates for free before the Chrome 70 stable release. An extensive outreach program, working with partners, and a comprehensive validation process have led to replacing certificates for 99 percent of the Alexa 1 Million websites. For those few remaining sites that have not reissued and replaced their certificates, DigiCert strongly encourages them to act now to avoid browser warnings.

“DigiCert, along with our partners and customers, has executed an extraordinary certificate replacement process for a large segment of our industry. Our teams have worked many long hours to ensure this event had minimal impact to our customers and the Internet in general, and I am very grateful for their efforts,” said DigiCert CEO John Merrill. “This could have been an extremely disruptive event to online commerce. But one year after DigiCert closed the acquisition of Symantec’s Website Security business, we have successfully completed our requirements for Chrome. And even with the intense focus on the replacement process, we are excited to be showing growth in 2018.”

Continued Merrill, “Now that we can turn our focus to moving forward, we are strongly positioned to lead the market with next-generation TLS and PKI solutions, and work with the CA community to improve industry standards.”

A brief overview of the replacement task and what DigiCert accomplished includes:

  • Managing wholesale replacement of Symantec’s multiple CA backend systems in one month between Nov. 1 and Dec. 1, 2017.
  • Combining validation teams and training employees on DigiCert’s compliant CA processes.
  • Revalidating domains and issuing nearly 5 million replacement certificates for Symantec, VeriSign, Thawte, GeoTrust and RapidSSL customers.
  • Revalidating more than 550,000 organizational identities that moved to DigiCert trusted roots.
  • Providing support, tools and information to partners and customers to facilitate free replacements for all impacted TLS certificates. These efforts have included millions of emails, in-console messages, and uncounted outbound phone calls to reach all affected.
  • Redesigning and improving validation systems and automation across the CA infrastructure to improve scaling and provide a consistent, customer-centric, fast experience.

DigiCert remains committed to being a best-in-class CA operation, providing customers with confidence in the company’s processes and the TLS industry in general. In addition to scaling and redesigning its validation processes, DigiCert has focused on improving its operations and technologies, including:

  • Making a major investment into improved infrastructure, data centers and new architecture to achieve secure agility and scale.
  • Establishing partnerships to provide certificates with post-quantum cryptography that will be resistant to quantum computers. This is especially important as many IoT devices have lifecycles that will last well into the era of quantum computers.
  • Developing secure solutions on top of blockchain technology.
  • Investing resources to drive improvements within industry standards bodies.

Said Merrill, “With the completion of our part of this unprecedented distrust management event, we want to thank our partners and customers, as well as the browser and security communities, for working with us. Moving forward, we are excited about refocusing our talented teams to produce needed advancements in trustworthy communications for the web PKI and a variety of emerging markets and technologies. As we do, we will stay true to the values that have made DigiCert the most trusted brand in our industry.”

About DigiCert, Inc.

DigiCert is the world’s leading provider of scalable PKI solutions for identity and encryption. The most innovative companies, including the Global 2000, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS/SSL and other digital certificates for PKI deployments at any scale through its certificate lifecycle management platform, CertCentral®. The company has been recognized with dozens of awards for its enterprise-grade management platform, fast and knowledgeable customer support, and market-leading growth. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

DigiCert, Inc. Media Contact
Jeff Chandler
Director of Public Relations
801.701.9653 (O)