Skip to main content
purple hex pattern

We Are Committed to Our Public TLS Certificate Business and Customers

On June 26, 2024, Google announced that specific public roots used by Entrust to issue public TLS certificates will no longer be trusted by default within the Chrome Root Store Program after October 31, 2024. 

While we are disappointed by this decision, we want to be clear that we are committed to our public TLS certificate business and customers, and that Google’s decision has no impact on our private certificate offerings – including our PKI, PKI as a Service, and Managed PKI, or our code signing, digital signing, and email (S/MIME and VMC) offerings. 

We will also continue to meet our customers’ certificate needs now, and in the future, with alternative or partner roots if necessary, and share our progress toward restoring trust and returning to the Chrome Root Store with the browser and web community as well as our customers. 

Frequently Asked Questions

To read our full list of FAQs, click here.

What does it mean when Google says you have been “distrusted”?

This means that public TLS certificates issued from certain Entrust roots after October 31, 2024 will no longer be trusted by Google Chrome by default. TLS certificates issued by those Entrust roots through October 31, 2024 will still be trusted by default through their expiration date.

Will Entrust continue to sell TLS certificates?

Yes. We are committed to making all changes necessary to satisfy Google and to ensure uninterrupted support for our customers.

Are currently issued TLS certificates trusted?

Yes. All certificates issued through October 31, 2024 will continue to work in the Google Chrome browser through their expiration dates. 

For customers with unique testing requirements or use cases, we recommend renewing Entrust TLS certificates prior to October 31 – they will be valid through their expiration dates. If you need assistance with testing, contact our support team at [email protected].

What about certificates that expire after October 31, 2024?

Entrust is partnering with third-party certificate authorities (CAs) to support your certificate needs seamlessly. For customers with unique testing requirements or use cases, we recommend renewing Entrust TLS certificates that are expiring in November or December 2024 prior to October 31, 2024.

Does this impact other Entrust products?

No. This issue is limited to publicly trusted TLS certificates, and we are putting in place a solution to ensure uninterrupted service. No other Entrust products are affected, including our PKI, PKI as a Service, and managed PKI, or our code signing, document signing, and email (S/MIME and VMC) offerings.

What is the solution after October 31, 2024?

Entrust will meet your public TLS certificate needs – in partnership with a third-party CA – with certificate lifecycle management, support, and browser ubiquity.

Are you working with Google and the CA/Browser Forum?

Yes. Entrust is committed to serving as a public CA. We remain active in the CA/Browser Forum, and we are taking all necessary actions to address Google's (and other browsers') concerns.

Contact Customer Support

The Entrust Certificate Services team will respond to help you with your TLS certificate needs and questions.