Google will no Longer Trust All Certificates from WoSign and StarCom
Google has informed that in a few coming months сertificates, issued by WoSign and StarCom certification centers, will no longer be valid. The change will be implemented and start acting with the release of Chrome 61, which is expected in mid-September. It will affect certificates issued before October 21, 2016, the validity of which has not yet expired.
Last year, Chrome 56 stopped trusting the certificates of WoSign and StarCom, released later than October 21, 2016. After the release of Chrome 57, the browser partially stopped trusting the old certificates. An exception was made for sites that came into the first million in the Alexa rating. This time the lock will act in relation to all certificates from the specified centers.
[“Starting with Chrome 61, the white list will be removed, which will lead to a complete cessation of trust in the existing root certificates of WoSign and StarCom and all certificates that they have issued. Websites that still use StarCom and WoSign certificates should urgently consider replacing them, so as to minimize inconvenience to Chrome users, " - they note at Google.]
It should be reminded that Mozilla announced that it would no longer trust WoSign и StartCom in September 2016. Certificates began to be considered invalid, starting with Version 51 of the Firefox browser. At the same time, the support of certificates issued before October 21, 2016, is still preserved.
Total comments: 0