The blog title explains the main reason that I started the open source project CertStuff
If you are not familiar with the Google proposal, here are some quotes that I found on the Symantec website:
On July 27, 2017, Google posted a time-sensitive plan regarding Symantec-issued TLS server certificates. There are critical dates that will impact your operations:
- Effective December 1, 2017, all Symantec SSL/TLS certificates must be issued from a new PKI infrastructure in order for such certificates to be trusted in Google Chrome.
- On or around March 15, 2018 (Chrome 66 Beta), Google Chrome will show a warning for sites secured with SSL/TLS certificates issued before June 1, 2016.Your security is not at risk and data encryption will function normally, but your site visitors will be disrupted by a warning in Chrome.
- On or around September 13, 2018 (Chrome 70 Beta), Google Chrome will show a warning for sites secured with SSL/TLS certificates issued by Symantec’s existing PKI infrastructure.Your security is not at risk and data encryption will function normally, but your site visitors will be disrupted by a warning in Chrome.
References:
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/eUAKwjihhBs%5B1-25%5D
https://www.symantec.com/connect/blogs/information-replacement-symantec-ssltls-certificates
Jackie Chen's IT Workshop 