When do you need to reissue/replace your Symantec SSL/TLS Certificate?

3 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 5 (3 votes, average: 5.00 out of 5, rated)

Steamline Process to Get Reissue or Replace Your Symantec SSL Certificate

As of October 31, 2017, DigiCert, Inc. has officially acquired Symantec’s Certificate Authority business. This move didn’t come as a surprise considering Google’s plans to distrust the SSL/TLS certificates of Symantec and its subsidiary CAs, namely GeoTrust, RapidSSL, and Thawte in Chrome, the most famous browser in the world.

This distrust has been divided into two parts by Google depending upon the issuance date. The first phase will begin with the launch of Chrome 66, expected to be released in March 2018. And the second part in October 2018, with the launch of Chrome 70.

To avoid this distrust and security warnings, existing customers of Symantec, GeoTrust, RapidSSL, and Thawte will need to reissue/replace their certificates from DigiCert’s infrastructure before the deadlines.

Here is the timeline of Google’s plans:

  • December 1, 2017: As of this date, Google has required that TLS certificates no longer be issued by Symantec roots, but must be issued by another CA. As of December 1, DigiCert will be issuing all certificates for Website Security customers. This date does not mandate any immediate certificate changes, but officially transfers validation and issuance of Symantec certificates to DigiCert systems. From this date forward, Symantec customers can begin to request free replacement certificates. These replacement certificates will be valid through the issuance to the end of the certificate validity period.
  • ~March 15, 2018: Chrome beta will distrust certificates issued by Symantec before June 1, 2016. The public release of Chrome is expected on April 17, 2018.
  • ~September 13, 2018: Chrome beta will distrust all certificates issued by Symantec. The public release of Chrome is expected in mid-October of 2018.

Now you must be wondering: “Do I need to reissue my SSL certificate? When do I need to renew my certificate?” Well, let us put in simple terms. Here’s all you need to know:

  • If your certificate was issued before June 1, 2016, you’d need to reissue/replace your certificate before March 15, 2018.
  • If your certificate was issued after June 1, 2016, and before December 1, 2017, you’ll need to reissue/replace your certificate before September 13, 2018.
  • And if your issuance date is after December 1, 2017, you don’t need to reissue your certificate.

Here’s a picture to make the picture clearer:

Symantec SSL replacement deadline

Now that you know when to reissue your certificate, you must have some questions regarding the renewal process. Let us answer them for you.

Do I need to pay any charges for reissuance?

No. The reissuance is entirely free.

I issued a certificate from GeoTrust/RapidSSL/Thawte. Am I eligible for the reissuance?

Yes, totally. In case you are not sure whether your certificate is eligible for reissuance or not? You could check your certificate through Symantec SSL/TLS Certificate reissue checker tool. Simply add your domain name and click “Check Now” button and see the result.

Do I need to undergo the vetting process if I have OV/EV certificate?

Yes, you’ll need to. As your “new” certificate will have to be issued from DigiCert’s infrastructure, they will need to verify your details.

How good is DigiCert?

Pretty good we’d say. DigiCert has established itself as the premium provider of high-assurance digital certificates. When it comes to the validation process, DigiCert comes second to none thanks to its super-efficient PKI infrastructure. Where it takes days for other CAs to issue certificates, DigiCert does this in minutes.

How to Reissue?

If you’re not one of our customers, you either need to contact your vendor or do it directly by going to your CA portal. Here are the links:

If you have even the slightest of doubts or concerns, contact our ever-available, friendly team of SSL experts.

Do You Want to Replace Your Symantec SSL Certificate?

RapidSSL Logo
We build handy-process for Symantec SSL certificate replacement. Visit our official website and start your process now!