Friday, October 4, 2024
HomeTechnologyGoogle switches to own Root Certificate Authority “Google Trust Services”

Google switches to own Root Certificate Authority “Google Trust Services”

Published on

Google is switching to its own Root Certificate Authority for issuing its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it was so for.

In the past years, Google has used certificates issued by several companies, with the lastly supplied by GlobalSign and GeoTrust.

Currently, Google is operating a subordinate Certificate Authority (Google Internet Authority G2 – GIAG2), which manages and deploys certificates to Google’s infrastructure.

- Advertisement - EHA

Google is currently in the process of migrating all services and products from GIAG2 certificates to the new Root Certificate Authority, named Google Trust Services (GTS).

The search giant said, the migration to GTS will take time, and users will see mixed certificates from both GIAG2 and GTS until then.

What this means for regular users is that when they’ll click to view a site’s HTTPS security certificate, it will say “Google Trust Services” instead of Google Internet Authority, GeoTrust, GlobalSign, or any other term. This will make it easier to identify authentic Google services.

Likewise, you can read Encrypt and password protect your Gmail message in a click

For Google, GTS means its engineers will have full control over its HTTPS certificates since the time they’re issued to the time they’re revoked.

Situations, when another Certificate Authority issues SSL certificates for Google domains, will stand out immediately.

GTS will provide HTTPS certificates for a broad range of services, such as public websites to API servers, for all Alphabet companies, not just Google.

More technical information, such as Google’s current active root certificates and their https://pki.goog/SHA1 fingerprints are available on the Google Trust Services homepage.

Google Trust Services now operates the following Root Certificates:

 Public KeyFingerprint (SHA1)Valid Until
GTS Root R1RSA 4096, SHA-384e1:c9:50:e6:ef:22:f8:4c:56:45:
72:8b:92:20:60:d7:d 5:a7:a3:e8
Jun 22, 2036
GTS Root R2RSA 4096, SHA-384d2:73:96:2a:2a:5e:39:9f:73:3f:
e1:c7:1e:64:3f:03:38:34:fc:4d
Jun 22, 2036
GTS Root R3ECC 3M, SHA-38430:d4:24:6f:07:ff:db:91:89:8a:
0b:e9:49:66:11:eb:8c:5e:46:e5
Jun 22, 2036
GTS Root R4ECC 384, SHA-3842a:1d:60:27:d9:4a:b1:0a:1c:4d:
91:5c:cd:33:a0:cb:3e:2d:54:cb
Jun 22, 2036
GTS Root R2RSA 2048, SHA-175:e0:ab:b6:13:85:12:27:1c:
04:f8:5f:dd:de:38:e4:b7:24:2e:fe
Dec 15, 2021
GTS Root R4ECC 256, SHA-25669:69:56:2e:40:80:f4:24:a1:
e7:19:9f:14:ba:f3:ee:58:ab:6a:bb
Jan 19, 2038
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Exploring the Best Free VPS Control Panel for Web Hosting

Managing a Virtual Private Server (VPS) can feel overwhelming, especially if you're not well-versed...

Key IoT Use Cases in Education

The Internet of Things (IoT) is transforming the world of education, bringing new opportunities...

Ceph Storage Demystified: Go-To Guide for Beginners

Ceph is an open-source, software-defined storage platform that can handle massive amounts of data...