In November 2024, Google Chrome will update its certificate trust settings, ceasing to trust Entrust certificates, impacting web security and enterprise IT infrastructure.

In a significant move affecting web security and enterprise IT infrastructure, Google has announced that starting November 2024, Chrome will no longer trust Entrust certificates as part of its trusted root store. This decision is part of a broader strategy to enhance online security and streamline certificate management.

Background

Historically, Google, like other browsers, has depended on a system’s root store, which includes certificates from trusted certification authorities (CAs) like Entrust. These certificates play a crucial role in securing and authenticating digital communications across the internet.

Changes in Certificate Policy

Google’s new approach involves managing its own certificate root program/store. This shift allows Google to have more direct control over the certificates it trusts, enabling a more uniform security posture across different platforms. As a result, while certificates issued by Entrust are still valid and trusted generally, they will no longer be automatically trusted by Chrome starting from November 2024.

Implications for Users and Enterprises

This update means that organizations using Entrust certificates will need to consider alternative solutions or adjustments to maintain their websites’ compatibility and trust status with Chrome. Since Chrome is a widely used browser, this change could have significant repercussions for website traffic and user trust if not proactively managed.

Google’s Rationale

Google justifies these changes as a step towards modernizing certificate management and security. The initiative aims to reduce reliance on lengthy certificate validity periods, which can complicate the different platforms and renewal processes. Shorter validity periods encourage automation and the adoption of newer security practices, which are essential in the face of evolving cyber threats and the eventual transition to quantum-resistant cryptographic algorithms.

The move has stirred discussions within the cybersecurity community, with various stakeholders examining the implications for internet security standards and enterprise practices. Google has expressed its intention to work collaboratively with other industry players through forums like the CA/Browser Forum to ensure a balanced approach to web security and certificate management.

As we approach November 2024, enterprises and web administrators need to stay informed about these changes and prepare accordingly. Transitioning to new certificates or adjusting existing security frameworks will be crucial to maintaining seamless and secure online experiences for users.

This development marks a pivotal adjustment in Google’s approach to enhancing security and managing digital certificates, urging enterprises to review and possibly revise their certificate management strategies.

TagsGoogle

About the author

View All Posts

Alice Jane

Alice is the Senior Writer at PC-Tablet.com, with over 7 years of experience in tech journalism. She holds a Bachelor's degree in Computer Science from UC Berkeley. Alice specializes in reviewing gadgets and applications, offering practical insights to help users get the best value. Her expertise in the software and tablets section has significantly boosted the site’s readership. Passionate about technology, she constantly seeks innovative ways to integrate gadgets into everyday life.