Skip to main content
SEO

Restoring Trust in Your Symantec SSL Certificate

If I were a betting SEO, I’d wager that your company’s website is its lifeblood. It’s crucial, then, that your users feel safe while on your site. Savvy internet users will bounce like a bad check if they detect an inkling of insecurity.

If you have a sharp team of web developers or SEOs, then I’ll place another bet: your site likely has a security certificate, which is an indication that your site supports HTTPS encrypted traffic. This security assurance is especially crucial for sites that collect personal information like credit card numbers.

However, a very big name in the SSL issuing industry — Symantec — is losing authority due to corner-cutting behavior.

Problems With Symantec Certificates

In 2017, engineers at Google and Mozilla investigated certificates Symantec companies issued after reading a complaint from SSLMate Founder Andrew Ayer. They discovered Symantec companies had issued 127 security certificates that didn’t comply with industry standards set by the CA/B Forum.

And the problems didn’t stop there. All in all, Symantec companies issued more than 30,000 certificates that should have never been given, putting users’ information security at risk. This is in addition to coming under fire for a similar situation in 2015.

As a result, starting in March 2018, Google Chrome users will see “not secure” warnings on sites with SSL certificates that come from Symantec companies. This is excellent news for users who want to know whether a site is legitimately secure. The news is less than ideal, though, if you own a website with a SSL certificate that came from Symantec. Don’t worry, though — this is a fixable problem.

Unsecure Image Screen shown on Google Chrome

Can My SSL Certificate Be Trusted?

To make sure you are doing right by your customers and your company, check if you’ve been using an SSL certificate issued by Symantec or any of its subsidiaries:

  • VeriSign
  • GeoTrust
  • Equifax
  • Thawte
  • RapidSSL

If your certificate was issued by one of these companies before June 16, 2016, then you need to replace it before March 2018. For directions on updating and replacing, contact your certificate provider.

Alternatively, if you have an email account tied to your site’s administration, check for a message from your SSL provider. Symantec companies have emailed some customers to inform them of the need for updates.

An example of the email from RapidSSL which notified users that their security certificates must be reissued.

Get Help With Security

Our team of digital marketing experts at Knucklepuck are well-versed in SSL certificates and HTTPS updates. If you need help with your HTTPS status or any other Technical SEO Issues, let us know!

 

Can We Help?

If you have an idea, a project or a challenge, we’d love to hear about it.