Chunghwa and Netlock certificates to be mistrusted by Google Chrome; discover how Qualys Certificate View aids in your response strategy
In a significant development for the digital security landscape, Google Chrome has announced that it will no longer trust any new digital certificates issued by Chunghwa Telecom and Netlock after July 31, 2025. This decision comes in response to repeated compliance failures, unfulfilled improvement commitments, and limited measurable progress from both Certificate Authorities (CAs).
Chunghwa Telecom and Netlock have been excluded from Google's global certificate system due to concerns about the improper issuance and management of their certificates, which compromised trust and security within the certificate authority ecosystem.
Impact and Implications
Website operators using TLS/SSL certificates from Chunghwa Telecom or Netlock are affected. End users of Chrome on all platforms—Windows, macOS, ChromeOS, Android, Linux—will be impacted. Visitors to affected sites will see a full-page security warning ('Your connection is not private') when attempting to access these sites after the deadline.
Approximately 2,200 certificates issued by Chunghwa or Netlock have been identified in active environments by Qualys, with around 360 exposed to the public. About 110 of these certificates are due to expire within the next 90 days.
Assessing and Managing Certificates
Qualys Certificate View, a powerful tool for certificate management, can help organisations identify all certificates issued by Chunghwa Telecom and Netlock. It allows for the monitoring of certificate expiration dates and compliance status, automation of the certificate discovery and renewal process, and planning of remediation.
The Certificate View module provides detailed information about each certificate, including the latest TLS Protocols in use. It also distinguishes between internally and externally discovered certificates for easier management. Certificates discovered by Qualys are automatically classified as Leaf, Intermediate, and Root for simpler management.
Planning for the Future
To avoid future issues, pre-existing certificates will continue to be valid until they expire, but website operators are strongly encouraged to migrate away as soon as possible. Setting up alerts and monitoring upcoming expirations of certificates using Qualys Certificate View is recommended.
In conclusion, the upcoming changes in Google Chrome's trust of certificates issued by Chunghwa Telecom and Netlock highlight the importance of vigilance and proactive management in digital security. By utilising tools like Qualys Certificate View, organisations can ensure their digital assets remain secure and compliant.
Read also:
- Duty on cotton imported into India remains unchanged, as U.S. tariffs escalate to their most severe levels yet
- Steak 'n Shake CEO's supposed poor leadership criticism sparks retaliation from Cracker Barrel, accusing him of self-interest
- President von der Leyen's address at the Fourth Renewable Hydrogen Summit, delivered remotely
- Unveiling Innovation in Propulsion: A Deep Dive into the Advantages and Obstacles of Magnetic Engines
