Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


20180831 - New DigiCert hierarchy

To modernize and streamline their code signing certificate offerings and begin the integration with DigiCert's platforms, DigiCert will be updating its code signing PKI hierarchy of Symantec and Thawte brand.

What is going to happen?

As of October, 31 2018 Thawte and Symantec code signing certificates will be signed under the new DigiCert code signing hierarchy.

Note that you will still be able to choose between SHA1 and SHA256 roots.

EDIT 20181029: The new DigiCert hierarchy will be available on October 31, 2018 as planned but its use has finally been postponed to a later date due to some changing market dynamics (the new date is not known yet).

What about the existing certificates?

There is no impact to existing code signing certificates or the validity of signed files, whether timestamped or otherwise. Existing code signing certificates are valid until their expiration dates. Files already signed are still viewed as secure and verified.

What actions will you have to take?

None, for most users. Careful though: If your application is dependent upon pinned or hard-coded root CAs, then an update is required to support the new root.

Useful links