FAQ

Symantec and DigiCert Acquisition

As industry leaders, we've been exposed to major acquisitions in the past and can anticipate many of the common questions our customers ask. Our SSL specialists put together the follow questions and answers to help customers quickly make sense of all this wonderful industry news. If you still have questions, our SSL specialists are available 24/7/365 via email, live chat, and telephone.

General Knowledge

When did Symantec & DigiCert complete the acquisition?

On October 31, 2017, DigiCert, Inc. completed the acquisition of the Symantec Corp. Certificate Authority business, which includes all website security assets related to SSL & PKI (GeoTrust, Thawte, RapidSSL) for $950 million in cash and a 30% stake in common stock equity.

Hide

What does The SSL Store™ think of this acquisition?

This is great news!!! The acquisition of Symantec's SSL business is absolutely the best-case scenario for the entire SSL community. This is by far the quickest way to enhance the SSL ecosystem, improve product offerings, increase efficiencies, provide better support and superior validation practices that are safe, secure, and most of all, trusted by the browser community unequivocally. DigiCert has announced its new PKI system will be implemented by December 1, 2017 to ensure all newly issued certificates are compatible will all browsers going forward.

Hide

What benefits will I gain from this acquisition?

DigiCert is best known for being speedy, reliable, and efficient, specifically when it comes to exceptional customer support and fast certificate issuance. Now Symantec customers will experience this level of service in addition to industry-leading OCSP response times. In the coming months, Symantec customers will gain access to the full line of DigiCert products to complement those that you have enjoyed from Symantec. These include DigiCert's SSL and private PKI services, leading PKI-based solutions for IoT device security, and an award-winning certificate management platform.

Hide

Does the acquisition resolve the Symantec compliance issues with the browsers?

Per a recent DigiCert Announcement: "Since announcing the acquisition, DigiCert has actively engaged with the security community to explore paths that address browser concerns about Symantec-issued certificates while balancing the TLS implementations currently deployed. This plan is close to completion and will minimize impacts, allowing customers to continue securing their transactions. Symantec-issued certificates impacted by the browser timelines will need to be replaced. These will be replaced at no cost to customers at the appropriate time, and we'll work to ensure a smooth process. More information will be forthcoming for affected parties."

Hide

Partner Programs

Will reseller or enterprise partners notice any significant changes in the program?

Yes, you will see improvements over time. Partners can expect new web security solutions, faster issuance times from vendors, and better response time from the Certificate Authority. As always, The SSL Store™ will proactively inform partners about any improvements within the respective program(s).

Hide

Will the Encryption Everywhere program continue under DigiCert?

Yes. Strategic web hosting partners of The SSL Store™ can continue enjoying the Encryption Everywhere program and everything it has to offer.

Hide

Will enterprise partners continue to use Managed PKI for SSL or the Complete Website Security console to administer/manage Symantec-issued certificates?

Yes, enterprise partners will continue using their existing MPKI solutions from Symantec. The move to a more innovative, next-gen platform is scheduled for early 2018 and may require an API update to the new servicing URL. The SSL Store™ will communicate changes as they arise and will ensure any changes are seamless for your business.

Hide

Will partners need to update their integration option (i.e. API, plugin, module) with The SSL Store™ to accommodate this acquisition?

It depends. We did make several updates to all our integration options (i.e. API, plug-ins, etc.) to help partners view/request their impacted certificates within their native system. We understand some integrated partners do not rely heavily on our control panel and wanted to accommodate their business needs. View the integration option page within your control panel to learn more.

Hide

Will partner contracts and day-to-day functions be impacted by the DigiCert acquisition?

No. All contracts, prepaid funds, credit terms, account balances, pricing, etc. with The SSL Store™ will remain the same today. You will experience no change in account managers, support managers, or lines of communications with our Customer Experience Department.

Hide

Will the Norton Shopping Guarantee program continue under DigiCert?

Yes. eCommerce website owners can still benefit from this conversion optimization program.

Hide

Products/Solutions

Will any product features change with Symantec, GeoTrust, Thawte, and RapidSSL certificates?

Yes. These brands will soon have new, fully trusted CA root certificates that will allow customers to continue securing all internet traffic with confidence. The SSL Store™ will automatically provide all customers with the correct certificate files after issuance of new, renewed, or reissued certificates.

Hide

Will the process of purchasing Symantec certificates change in your account?

No. You can still purchase and benefit from the premium features of Symantec-issued certificates as normal.

Hide

Can you continue managing previously purchased Symantec certificates?

Yes. You still have access to manage all certificates details within your control panel.

Hide

Will Symantec certificates remain valid until their expiration dates?

It depends. The certificate itself will remain valid until expiration, however, browsers need all customers to replace existing Symantec-issued certificates before certain dates in 2018. The date when customers should replace their existing certificates is all dependent on the original issue date, expiration date, and browser timeline. All existing certificates impacted by the 2018 browser dates will receive instructions by The SSL Store™ on how to replacement certificates for the remaining validity period at no cost to them.

Hide

Will Symantec SSL/TLS certificates continue to work after the acquisition?

Yes, this business deal between Symantec and DigiCert has no impact on your certificates' validity periods. Unless impacted by the 2018 browser dates, all Symantec issued certificates will remain valid until their expiry date.

Hide

Has the process of ordering and managing my Symantec certificates changed?

No. You can continue procuring and managing certificates within your control panel like usual. We already did the heavy lifting to ensure you have a smooth transition.

Hide

Will the validation process change in the near future?

Yes. DigiCert is known for its highly refined validation process, which means customers may experience faster verification times. Although all Symantec workflows may be supported initially, DigiCert plans to implement changes as necessary to support existing needs. The SSL Store™ will update validation documentation, support material, and customer notifications once additional details are provided by DigiCert.

Hide

Any changes for code signing customers?

No. You can continue securing applications like nothing ever happened. If anything changes, The SSL Store™ will let you know.

Hide

What is happening with the trusted site seals (i.e. Norton Secured Seal)?

Any seal issued by Symantec will continue to work and remain valid until certificate expiration. Any changes will be communicated by The SSL Store™.

Hide

Technical Knowledge

What will happen with the Root CA Certificate Hierarchies?

Browsers will slowly phase out existing Symantec root certificates over the next year. DigiCert has already begun cross-signing certain roots with the older Symantec roots to provide a wide ubiquity. Any customers impacted by this process will receive step-by-step instructions from The SSL Store™ on how to seamlessly resolve any issues within the least amount of time. Customers relying on a specific Symantec root should contact The SSL Store™ immediately for assistance with the transition.

Hide

Will DigiCert change the Root structure?

Yes, but not immediately. DigiCert plans to create new roots that are cross-signed by the existing Symantec roots. These new roots will be embedded in browsers, providing a seamless transition for most customers. Customers with pinned intermediates or roots should contact The SSL Store™ immediately for assistance.

Hide

Reissue Details (Next Steps)

Do customers need to replace their existing Symantec-issued certificates?

Yes. Depending on the original issue date and expiration date, customers will need to reissue/replace impacted certificates before March 2018 or September 2018. Please refer to the instructions sent by The SSL Store™ on how to effectively and efficiently replace your certificates.

Hide

What are the important dates to replace existing Symantec-issued certificates to continue browser trust?

  • If the certificate issue date is before June 1, 2016 and expires before September 13, 2018, customers can begin reissuing them today through March 15, 2018.
  • If the certificate issue date is before June 1, 2016 and expires after September 13, 2018, customers should reissue or renew them between December 1, 2017 through March 15, 2018.
  • If the certificate issue date is after June 1, 2016 and expires after September 13, 2018, customers should reissue or renew them between December 1, 2017 through September 13, 2018.

Hide

Does replacing SSL certificates cost any additional fees?

No. There is no cost in reissuing/replacing certificates. However, if your certificate is within 90 days of expiration, customers should renew the certificate instead to avoid replacing the certificate twice.

Hide

Do customers need to generate a new CSR & private key?

No. You can use the previously generated key pair only if the RSA private key is saved in a secure location. If the private key is lost or inaccessible, customers should generate a new CSR and private key on their web server (recommended) or by using an online tool.

Hide

Can customers switch domain validation methods during reissuance?

It depends. If the original method was File/DNS Authentication, customers can contact support to switch to email based authentication. The email method will allow you to use the WHOIS email or one of 5 pre-approved alias addresses (admin@, administrator@, webmaster@, hostmaster@, and postmaster@).

Hide

Do OV SSL customers need to re-validate their business details during reissuance?

Yes. After December 1, 2017, all business details related to the certificate will be validated again by DigiCert.

Hide

Do EV SSL customers need to re-validate their business details during reissuance?

Yes. After December 1, 2017, all business details related to the certificate will be validated again by DigiCert.

Hide

Can Symantec re-use previously validated business details after December 1, 2017?

No. All business details related to the certificate will be validated again by DigiCert.

Hide

Do customers have to install the re-issued SSL Certificate by DigiCert?

Yes. You need to install/configure the certificate again on your web server, application, or device to properly update the certificate files. For assistance, contact our friendly SSL specialists.

Hide

Does the certificate expiration date change during reissuance?

No. The expiration date will not change. The reissue process simply allows customers to receive a new copy of the original certificate for free.

Hide