Google starts its own root certificate authority

Spread the love

Google has announced that it is starting its own root certificate authority, which will allow it to issue certificates. To facilitate this, the search giant has enlisted two existing root authorities, namely GlobalSign R2 and R4.

This should make it possible to immediately start issuing certificates independently, writes Google. Including the root certificates in products takes some time, which Google wants to shorten with this move. The company wants to manage the new certificate authorities on behalf of Google and parent company Alphabet via Google Trust Services. With the decision, Google says it will go along with the development of https as a ‘fundamental technique’ on the internet.

The search giant used a third-party certificate authority called GIAG2 for this. In the meantime, this authority should continue to function as normal while the move to the new infrastructure takes place. Google reports that it plans to continue to use other certificate authorities, so developers would do well to include a variety of roots in their products, as far as they connect to Google.

The company announced last October that as of October this year, it will only trust certificates from authorities that comply with its Certificate Transparency policy. This should be used to check whether authorities have issued certificates correctly on the basis of public log files.

You might also like