Chrome 70 Dropping Trust of SSL Certificates issue by Symantec

Post any question you may have in regards to GoAnywhere MFT and let our talented support staff and other users assist you.
3 posts Page 1 of 1

Support_Tim

Posts: 34
Joined: Mon Dec 01, 2014 10:35 am

Post by Support_Tim » Wed Oct 10, 2018 1:47 pm
Question: How do I update/renew Symantec-issued SSL certificates in GoAnywhere since Chrome 7 is not trusting the existing certificates?

Answer: If you have been, or will be affected by Google Chrome discontinuing the trust of Symantec and other root certificates in version 7, you should have been notified by Digicert with information and instructions how to renew your certificates. This notification may have been sent to someone else in your organization or caught in a spam filter, so below is a link for your convenience.

https://www.websecurity.symantec.com/bl ... rtificates

At the time of this posting, DigiCert is offering a way to check your certs here: https://www.websecurity.symantec.com/su ... sl-checker

After receiving your replacement certificate, you will Import install it with the GoAnywhere Key Management System (KMS), or “File Based” certificate manager. You will need to log in with an Admin user with the Key Manager role.

To work with SSL certificates:

KMS: Encryption > Key Management System. Then click the options cog next to the Key Vault in use (typically Default), then select Manage Certificates.

File Based: Encryption > File Based Keys > Certificates.

On the Certificates page, you can click the Help “?” on the upper right for assistance if needed. You will receive either a CA Reply file or certificate file(s), so choose one of the following options.

If you received the SSL certificate file(s) (not a CA Reply file), you will import each cert received into GA using the KMS or File Based Certificate Manager.

KMS: Use the Help page (“?” at top right) and scroll down to “Import a certificate…”. Click and follow instructions.

File Based: Use the Help page (“?” at top right) and scroll down to “Import a trusted certificate…”. Click and follow instructions.

Or…

If you received a CA Reply file and need further assistance, scroll down to “Import a reply…” (file-based) or “Import a CA Reply” (KMS). Click and follow the instructions on the Import CA Reply screen.

Andrepont

Posts: 1
Joined: Wed Jun 27, 2018 5:17 am

Post by Andrepont » Thu Nov 15, 2018 10:29 am
Hi Tim, I was affected by this. Are replacement certificates valid in every way as the certificate that expired was? In other words, are there any differences between them?

Support_Philip

User avatar
Site Admin
Posts: 46
Joined: Wed Jun 21, 2017 8:12 am

Post by Support_Philip » Fri Nov 16, 2018 8:43 am
Yes, the certificate was replaced by a new cert generated by DIgicert and should act in the same manner as the previous certificate.
Philip Horn
Senior Support Analyst
e. philip.horn@helpsystems.com
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
3 posts Page 1 of 1