Google to Stop Trusting Entrust Certificates in Chrome 127, Affecting Multiple Large Websites

TapTechNews June 29th news, Google announced in a blog post on June 27th that starting from the Chrome 127 version to be released on November 1st, 2024, by default will not trust the TLS server verification certificates issued by Entrust or AffirmTrustroots.

Google said in the blog post that Entrust's behavior pattern is worrying and does not conform to [Chromeroot program policy requirements], weakening people's confidence in its ability, reliability, and integrity as the owner of a public trusted CA.

Google announced that starting from the Chrome 127 version released on November 1st, it will no longer trust new TLS server verification certificates from Entrust (or AffirmTrust). TapTechNews learned from the report that subsequent visits by end-users to websites using Entrust certificates will see the ERR_CERT_AUTHORITY_INVALID warning.

Including many large websites such as moneygram.com, merrilledge.com, and ey.com are still using Entrust certificates. Chrome users can click the button on the left side of the URL in the address bar to view the certificate-related information.

Entrust is a privately owned software company worth 130 million US dollars and has 350 employees. The company was originally split from Nortel Networks' secure networking division and provides identity management security software and services in the fields of public key infrastructure, multi-factor authentication, SSL certificates, fraud detection, electronic certificates, and mobile identity authentication.