Google to Block Websites Using Certs from Entrust in Chrome Browser

Google to Block Websites Using Certs from Entrust in Chrome Browser

Google has announced a significant move to block websites utilizing certificates from Entrust in its Chrome browser, effective from November 1, 2024. The decision to cease trusting TLS server authentication certificates from Entrust signifies Google’s commitment to maintaining stringent security standards.

In response to ongoing compliance failures and Entrust’s alleged inability to promptly address security concerns, Google’s Chrome security team has taken this bold step to safeguard users’ online experiences. By no longer recognizing certificates from Entrust, Google aims to uphold the integrity and reliability of certificate authorities involved in securing encrypted connections.

Website operators relying on Entrust for certificates are encouraged to transition to other trusted certificate authorities before the blocking action takes effect. Google’s initiative reflects the tech giant’s dedication to enhancing cybersecurity practices within the internet ecosystem, emphasizing the crucial role certificate authorities play in ensuring secure browsing experiences.

While this decision is set to impact various platforms, including Windows, macOS, ChromeOS, Android, and Linux, exceptions exist for Chrome on iOS and iPadOS due to Apple’s restrictions. Websites utilizing Entrust certificates post the deadline will display warning messages, prompting operators to take immediate action to prevent disruptions.

Google’s proactive approach highlights the evolving landscape of cybersecurity and the importance of continuous vigilance in safeguarding online interactions. Website owners must prioritize securing their platforms by adopting certificates from reputable authorities to mitigate potential risks and ensure seamless user experiences.

FAQ Section:

What is the significance of Google’s recent announcement regarding Entrust certificates in Chrome?
Google has decided to block websites utilizing certificates from Entrust in its Chrome browser starting from November 1, 2024. This move is a response to ongoing compliance failures and security concerns surrounding Entrust, demonstrating Google’s commitment to stringent security standards.

Why is Google taking action against certificates from Entrust?
Google’s Chrome security team identified compliance issues and Entrust’s alleged delays in addressing security concerns, leading to the decision to stop trusting TLS server authentication certificates from Entrust. This action aims to maintain the integrity and reliability of certificate authorities involved in securing encrypted connections.

What should website operators relying on Entrust certificates do following Google’s announcement?
Website operators using certificates from Entrust are advised to transition to other trusted certificate authorities before the November 1, 2024 deadline to prevent disruptions. Google’s initiative underscores the importance of certificate authorities in enhancing cybersecurity practices and ensuring secure online experiences.

How will websites be affected if they continue using Entrust certificates after the blocking action takes effect?
Websites that do not switch from Entrust certificates by the deadline will encounter warning messages on platforms such as Windows, macOS, ChromeOS, Android, and Linux. Exceptions exist for Chrome on iOS and iPadOS due to Apple’s restrictions, emphasizing the need for immediate action to avoid disruptions.

Key Term Definitions:
– TLS (Transport Layer Security): A cryptographic protocol that ensures secure communication over a computer network, commonly used to protect web transactions.
– Certificate Authorities: Trusted organizations that issue digital certificates to validate the ownership of public keys used in secure communications.

Suggested Related Links:
Google

Martin Baláž