This information is relavent for SSL certificates distributed by Symantec, Thawte, GeoTrust, and RapidSSL. If your SSL certificate is distributed by one of these vendors this information will be important for you.
If you have a Symantec based certificate (one of the most popular distributors) the process of those certificates becoming untrusted has started 6 days ago with the release of Google Chrome Beta 66. Starting a Beta 66 these certificates will show a warning message indicating that the certificate is not trust-worthy IF the certificate was issued before June 2016.
Luckily Chrome Beta 66 will only effect certificates with a long expiration date. If your certificate was distributed after June 1, 2016 you are ok for now. That said come September when Chrome 70 is released all certificates issued by Symantec will be distrusted!
Personally I'm a big fan of CloudFlare for it's free DNS management and FREE SSL certificates.
In the case of the company I work at I was told that we are using our current certificate distributor for insurance reasons. We're using GeoTrust and the process with them is relatively easily. Simply reissue your certificate. It can be done in way that the old certificate still stays valid until you get a chance to install the new one across your servers. That way there is no down time.
Thanks for reading.
Up Next:
I'll have more updates on my Kubernetes journey soon. I seem to have converted my docker-compose stacks to k8s successfully. My next step will be exposing the ports of our existing nginx-based routing container to the Internet.
At that point I'll be able to start testing and make sure the containers are all working and communicating with each other as expected.
Past DevOps Journals Posts: