WP Hosting Blog

Best practice WordPress hosting, development and management

2019-09-20T10:30:29+00:00 February 13th, 2018|WordPress Hosting & Development|By WP Hosting Editor|

Hosting and Security: Chrome66 to Distrust Symantec SSLs, Your Action Plan

Chrome 66 is going live in March with huge SSL update impacting Symantec-issued certs, and we’ll help you prepare for it.

To kick off 2018, Google is set to release Chrome 66 on Beta on 15 March and a stable release on 17 April. The updated version comes with a new feature – KeyboardLock API – that gives way to more immersive games, websites, and video streaming; and more enhanced security control.

As far as security control goes, what makes Chrome 66 more significant to website owners and managers is Chrome’s decision to downright distrust Symantec SSLs, including from its brand names: Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL. The decision was made following multiple cases of improper certificate issuance.

Based on Google’s Security Blog (updated 31 January), the Chrome team and the PKI community have decided that starting Chrome 66, Symantec SSL certificates issued prior to 1 June 2016 are no longer be recognized. Those affected are advised to obtain a new certificate from Chrome-trusted Certificate Authority.

Full removal of trust in Symantec’s old infrastructure and all of the certificates issued will be implemented when Chrome 70 is released on 23 October.

Action plan

WP Hosting certificates are issued by Comodo™, a reputable Chrome-trusted Certificate Authority with over 700,000 business customers worldwide. They offer optimum website security that is compatible with most browsers, applications, and devices.

We offer four types of Comodo™ SSL Certificates: Standard, Wildcard, Organisation and Extended SSL certificates. To help you obtain a Chrome-trusted SSL certificate, we have jotted down the steps below:

1. Can you switch even before your Symantec certificate expires?

Yes, you can.

2. Update your SSL certificate

Head over to our website and order one now. DV (Domain Validated) SSL certificates are activated instantly.

3. Install the Site Seal

Good to let your visitors know that your site is secured with an enterprise-grade SSL certificate.

4. Get a WP plugin for SSL

Once your SSL certificate is installed we recommend using Really Simple SSL to automatically detect your settings and configure your website to https.

5. Keep an eye on SSL warnings

If you are a customer and require assistance with configuration or mixed content warnings, contact us and we’re happy to help in any way we can.
Note: You can also purchase a certificate from another vendor and install it yourself.

Leave A Comment