Addressing Website Security Concerns – GlobalSign Updates AlphaSSL and AlphaSSL Wildcard Root Certificate Hierarchy to R6
Table of Contents
Following Mozilla’s announcement about removing website and S/MIME trust bits from root certificates, GlobalSign changed its CA certificates from R1 to R6.
This was announced on February 19, 2024.
How does this affect your website hosted on SiteGround?
The R1 to R6 root certificate change will affect your site depending on when your GlobalSign SSL certificate was issued and if your visitors (or you) use outdated software.
- If your GlobalSign certificate was issued before January 29, 2024 – no actions are needed. Your GlobalSign AlphaSSL and AlphaSSL Wildcard certificates will continue to function normally until their expiration date.
- If your GlobalSign certificate was issued after January 29, 2024 – your GlobalSign AlphaSSL and AlphaSSL Wildcard certificates will be R6-signed and will not work on old operating systems and browsers, such as but not limited to: MacOS X 10.9, iOS 7, Safari 7, Android 5.1.1, Win 8.1, Internet Explorer 10.
If your website visitors access from an outdated operating system and/or browser with no support for R6-signed SSL certificates, it will display an SSL error like “This Connection is Not Private.”
Here is how the error you may stumble upon due to this change looks in Safari:
Clicking on “Show details”, you’ll see additional information on what may be causing the error.
You can also click on the “view the certificate” link to see what type of SSL certificate your browser doesn’t trust.
How to resolve this problem?
Using a modern operating system and browsers will not cause this problem. If updating is not an option, however, you should consider removing your GlobalSign SSL certificate and replacing it with a Let’s Encrypt SSL.