If I were a betting SEO, I’d wager that your company’s website is its lifeblood. It’s crucial, then, that your users feel safe while on your site. Savvy internet users will bounce like a bad check if they detect an inkling of insecurity.

If you have a sharp team of web developers or SEOs, then I’ll place another bet: your site likely has a security certificate, which is an indication that your site supports HTTPS encrypted traffic. This security assurance is especially crucial for sites that collect personal information like credit card numbers.

However, a very big name in the SSL issuing industry — Symantec — is losing authority due to corner-cutting behavior.

Problems With Symantec Certificates

In 2017, engineers at Google and Mozilla investigated certificates Symantec companies issued after reading a complaint from SSLMate Founder Andrew Ayer. They discovered Symantec companies had issued 127 security certificates that didn’t comply with industry standards set by the CA/B Forum.

And the problems didn’t stop there. All in all, Symantec companies issued more than 30,000 certificates that should have never been given, putting users’ information security at risk. This is in addition to coming under fire for a similar situation in 2015.

As a result, starting in March 2018, Google Chrome users will see “not secure” warnings on sites with SSL certificates that come from Symantec companies. This is excellent news for users who want to know whether a site is legitimately secure. The news is less than ideal, though, if you own a website with a SSL certificate that came from Symantec. Don’t worry, though — this is a fixable problem.

Can My SSL Certificate Be Trusted?

To make sure you are doing right by your customers and your company, check if you’ve been using an SSL certificate issued by Symantec or any of its subsidiaries:

  • VeriSign
  • GeoTrust
  • Equifax
  • Thawte
  • RapidSSL

If your certificate was issued by one of these companies before June 16, 2016, then you need to replace it before March 2018. For directions on updating and replacing, contact your certificate provider.

Alternatively, if you have an email account tied to your site’s administration (e.g., [email protected]), check for a message from your SSL provider. Symantec companies have emailed some customers to inform them of the need for updates.

An email from RapidSSL notifying users to get a reissued security certificate.

An example of the email from RapidSSL which notified users that their security certificates must be reissued.

Get Help With Security

Our team of digital marketing experts at Knucklepuck are well-versed in SSL certificates and HTTPS updates. If you need help determining whether your SSL certificate needs to be updated, we can help.