Google to Block Entrust Certificates in Chrome Starting November 2024

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner.

"Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust, including delays in addressing known security issues and failures to properly validate domain ownership before issuing certificates," Google said in a blog post.

The move comes after a series of incidents that have eroded trust in Entrust's ability to properly manage its certificate issuance practices. One such incident involved the certificate authority issuing certificates for domains it did not control, a violation of industry standards.

Entrust's Compliance Failures

Google noted that Entrust has failed to address these issues in a timely manner, leading the search giant to conclude that the certificate authority can no longer be trusted to provide secure and reliable certificates for the web.

The decision to block Entrust certificates in Chrome is part of Google's ongoing efforts to maintain the integrity of the web's security infrastructure. By removing support for Entrust, the company aims to protect users from potential security risks and ensure that only trusted entities can issue certificates for websites.

"Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust, including delays in addressing known security issues and failures to properly validate domain ownership before issuing certificates."

This move by Google is likely to have significant implications for website owners and operators who rely on Entrust certificates. They will need to transition to alternative certificate authorities before the November 2024 deadline to avoid their sites being blocked by Chrome.

Implications for Website Owners

The decision to block Entrust certificates in Chrome is expected to have a ripple effect across the web. Website owners who currently use Entrust certificates will need to act quickly to migrate to alternative certificate authorities approved by Chrome.

Failure to do so could result in their websites being flagged as insecure by Chrome, potentially leading to a loss of user trust and a decrease in website traffic. This transition may also require additional resources and technical expertise, adding to the burden on website owners.

Website owners migrating to alternative certificate authorities

Google's move is a clear indication that it is taking the security of the web seriously and is willing to take decisive action against certificate authorities that fail to meet industry standards. This decision is likely to be closely watched by other browser vendors, who may follow suit in the future.

Conclusion

The decision by Google to block Entrust certificates in Chrome starting in November 2024 is a significant step in the ongoing efforts to maintain the integrity of the web's security infrastructure. By removing support for a certificate authority that has failed to address security issues in a timely manner, Google is sending a strong message that it will not compromise on the security and reliability of the web.

Website owners who rely on Entrust certificates will need to act quickly to migrate to alternative certificate authorities approved by Chrome to avoid their sites being blocked. This transition may require additional resources and technical expertise, but it is a necessary step to ensure the continued security and trust of the web.

Entrust certificate migration

As the web continues to evolve and the threats to its security become more complex, it is crucial that browser vendors and certificate authorities work together to maintain the highest standards of security and reliability. Google's decision to block Entrust certificates is a clear indication that it is committed to this goal, and it is likely that other browser vendors will follow suit in the future.