March 19, 2018 By Shane Schick 2 min read

The company that bought one of the largest certificate authorities (CAs) said it has nearly finished replacing the digital certificates most commonly used by popular websites as major browsers prepare to phase them out in upcoming releases.

DigiCert Inc. said it has been sending mass email messages, calling customers and running webinars to make sure website owners are aware that Google and Mozilla will no longer trust Symantec-backed digital certificates when they release Chrome 66 next month and Mozilla Firefox 60 in May. DigiCert, which bought the CA business from Symantec last fall, noted that more than 99 percent of the top 1 million websites have taken appropriate action.

Purging Outdated Digital Certificates

According to SecurityWeek, the browser-makers established deadlines to revoke trust in digital certificates in response to a series of errors in the way they were issued and managed. DigiCert set up a portal for customers to check their domain name to determine whether they need new or replacement certificates. Companies that used RapidSSL, GeoTrust and Thawte can also obtain replacements through DigiCert.

For all its progress, Enterprise Times raised questions about how DigiCert will manage to win over the remaining customers who had obtained digital certificates through Symantec and other providers. This includes not only the top websites, but also many small and medium-sized businesses (SMBs) that could be affected by the browsers’ deadlines.

A Bumpy Transition

The transition of the CA business from Symantec to DigiCert has not been entirely smooth. Earlier this month, CRN Australia reported that the website of Trustico, a Symantec reseller, temporarily went offline after DigiCert claimed it had emailed the private keys of more than 20,000 digital certificates, which were later revoked. According to TechTarget, DigiCert claimed that 23,000 certificates were compromised, although the number of individual organizations affected by the incident has not been publicly reported.

Recently, DigiCert set up a new reseller program to make it easier to obtain and deploy digital certificates within the enterprise. The program aims to help the CA’s partners take advantage of the opportunity offered by Secure Sockets Layer (SSL), public key infrastructure and Internet of Things (IoT) security.

More from

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

2024 Cloud Threat Landscape Report: How does cloud security fail?

4 min read - Organizations often set up security rules to help reduce cybersecurity vulnerabilities and risks. The 2024 Cost of a Data Breach Report discovered that 40% of all data breaches involved data distributed across multiple environments, meaning that these best-laid plans often fail in the cloud environment.Not surprisingly, many organizations find keeping a robust security posture in the cloud to be exceptionally challenging, especially with the need to enforce security policies consistently across dynamic and expansive cloud infrastructures. The recently released X-Force…

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today