The SSL Certificate Authority, Sectigo, announced recently that their AddTrust Root certificate file will be expiring May 30, 2020.
There is likely no action required by your team at this time to ensure the continued validity of your certificates installed on Acquia, but we are sharing the below information to ensure customers on our platform are appropriately informed about this change.
Q: Will my certificate still be trusted after May 30, 2020?
A: Yes. All modern clients and operating systems have the newer, modern COMODO and USERTrust roots which don’t expire until 2038. This includes the Acquia Cloud platform.
On other platforms where the trust stores have been artificially limited or cannot be updated (embedded devices, for example), you will need to update and install the newer Sectigo roots. Please ensure these devices also have the necessary security updates from the vendor.
Q: Do I need to reissue or reinstall my certificate?
A: No. Your certificate will remain trusted until it’s natural expiry date and does not need reissuance or reinstallation. You can choose to stop installing the cross-certificate on your servers if you wish. Should you need legacy compatibility after the AddTrust expiry we have a replacement cross-certificate that you can install on your servers in place of the AddTrust cross-certificate.
We recommend contacting your certificate provider with any concerns you may have about the impact to your organization’s SSL certificate.
If you have any questions, please review the official announcement from Sectigo.