In a move to strengthen user privacy and security in Chrome, Google has announced that new certificates from the certificate authority (CA) company, Entrust, will no longer be trusted, starting in November.

Google cited a “pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports” over the last six years as the reason for this decision. 

“When these factors are considered in aggregate and considered against the inherent risk each publicly-trusted CA poses to the Internet ecosystem, it is our opinion that Chrome’s continued trust in Entrust is no longer justified,”  the Chrome Root Program team wrote in a blog post.

Starting with Chrome 127, Entrust certificates whose earliest Signed Certificate Timestamp (SCT) is dated after October 31, 2024 won’t be trusted. The company says that certificates whose earliest SCT is on or before that date won’t be affected. 

Website owners can check if their site is affected by using the Chrome Certificate Viewer to see who their certificate provider is. If it is either from Entrust or AffirmTrust, it is recommended that they switch to a different provider by October 31, 2024. 


You may also like…

Working toward AIOps maturity? It’s never too early (or late) for platform engineering

Empowering SMBs to compete with big brands using AI and SaaS technology