Google has made it known that Google Chrome will no longer trust Symantec issued certificates. This means that at various points during 2018 Google Chrome will start to show a “not secured” warning for sites with Symantec issued certificates.
You can read more here Google Online Security Blog: Chrome’s Plan to Distrust Symantec Certificates.
April 2018.: Certificates issued by Symantec before June 1, 2016 will be distrusted by Google Chrome,
October 23 2018: All certificates issued on the Symantec certification chain will be distrusted by Google.
Is Blackbaud aware of this?
For Luminate Online: Blackbaud is aware of this and we are addressing it by updating the certificates that are associated with the secure[2,3].convio.net domains.
For Blackbaud NetCommunity and Blackbaud Internet Solutions: Blackbaud is aware of this and updating all certificates in advance that have been purchased through Blackbaud.
For all other hosted products, including but not limited Sphere, eTapestry, Online Express, Blackbaud Hosting etc: Blackbaud is aware of this and updating all impacted certificates in advance.
What do I need to do as a client?
For Luminate Online: If you do not have a custom secure domain, then you don’t have to do anything. Blackbaud and the Luminate Online hosting team will ensure that our certificates are updated properly.
For Blackbaud NetCommunity and Blackbaud Internet Solutions: After Blackbaud has initiated the update process, you will be contacted by Geotrust to authorize the update/renewal. Once you authorize the renewal, Blackbaud will receive and update the certificate.
If you have a self-provided certificate not purchased through Blackbaud for your hosted Blackbaud NetCommunity/Internet Solutions website, you will need to update the certificate and provide it to Blackbaud.
- Contact Support and request a CSR for the certificate re-issue for the affected domain.
- We will generate the CSR to be used to order the certificate and provide you with the information.
- You will need to order the certificate using the CSR we provide. If Digicert needs to validate the request, they will contact you.
- There is no charge for Blackbaud in install the re-issued certificate. This only applies to a re-issue related to Google distrusting Symantec certificates.
For all other hosted products, including but not limited Sphere, eTapestry, Blackbaud Hosting etc: No action is needed.
Symantec and Symantec sub-brands make up the current SSL options for Luminate Online: Verisign/Norton, Geotrust, Thawte - so what do I renew with?
Going forward the certificate ownership of Symantec has been sold to DigiCert. Any new certificates for custom secure domains for Luminate Online should be purchased via DigiCert, and any renewals for Verisign/Norton, Geotrust or Thawte will actually be DigiCert certificates.
What do I need to do as a Luminate Online client?
If you do not have a custom secure domain, then you don’t have to do anything. Blackbaud and the Luminate Online hosting team will ensure that our certificates are updated properly.
You will need to renew your SSL certificate before April 2018 if you haven’t renewed since June 1, 2016 (which you likely have as it is a yearly renewal process),
if you have renewed your certificate between June 1, 2016 and Dec 1, 2018 (with a Symantec issued certificate) you will need to renew again before October 23.
How is DigiCert handling this with Symantec? Is it possible that I'll have to do nothing with a newer (issued after June 2016). DigiCert has their current plans outlined here.
How can I check to see if my certificate will be impacted?
If you load your site in Google Chrome, right click anywhere and select “inspect element” this will bring up the web developer console. Once that appears, click on the “Console” tab. If your certificate needs to be updated, there will be a message there “ The SSL certificate used to load resources from https://secure2.convio.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.”