Firefox Trust Deprecation Schedule for Legacy Symantec Certificates

May 21, 2018 Tim Callan Alerts & Notices

We've written in the past about Google's schedule for deprecation of Symantec certificates issued prior to December 1, 2017 and why it's important to revoke and replace your GeoTrust, Symantec, Thawte, or RapidSSL certificates by September of this year.

We'd like to clarify that Firefox will follow a very similar deprecation schedule to Google's.  As with Chrome, current versions of Firefox already have deprecated trust for all certificates from the above brands that were issued prior to June 1, 2016.  If you presently are using any certificates matching this description on public-facing sites, you should revoke and replace those certificates immediately.

Firefox release 63, scheduled for September beta and October GA, will extend distrust to all certificates from these brands issued prior to December 1, 2017.  If you have any active certificates from the old Symantec CA business prior to December 1, be sure to revoke and replace them before this date.

Otherwise Firefox users on your site will see this: