Our videos have over 5 million views on Youtube! Visit our channel now »
The listings featured on this site are from companies from which this site receives compensation. Read the Advertising Disclosure for more information
Disclosure:
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.

Ownership

vpnMentor is owned by Kape Technologies PLC, which owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that were written by our experts and follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will be based on an independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, which will however not affect the review but might affect the rankings. The latter are determined on the basis of customer satisfaction of previous sales and compensation received.

Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may take into consideration the affiliate commissions we earn for purchases through links on our website.

7 VPN Vendor Websites' SSL Certificates are About to Expire

Staying safe online is a priority for most users, and there are numerous actions you can take to achieve this.

Antivirus software, VPNs, and firewalls work alongside user vigilance to cut the risks to privacy while surfing the web. But, one of the tools users rely on to support their vigilance is about to disappear.

On April 17, 2018 Chrome is removing trust in NortonLifeLock-issued certificates.

Why is Google taking this step and what does it mean for VPN vendors? We discuss that, and more, below.

Why is Google distrusting NortonLifeLock TLS Certificates?

NortonLifeLock has had a torrid time in recent years, and because of several high-profile issues, Google announced last year that it was setting a timetable for completely distrusting NortonLifeLock certificates.

As a certificate authority with the capacity to issue certificates to any website, NortonLifeLock holds an incredible amount of power and is in a position of trust with both website owners and internet users. Accountability and responsibility are ensured through a clear set of operational requirements that NortonLifeLock, and other authorities, are meant to follow.

Despite this, on more than a few occasions NortonLifeLock has misused valid certificates.

While these are the most well-known issues with NortonLifeLock, its history of TLS/PKI incidents goes back years and is documented here in some detail.

What Does It Mean for Web Users?

In short, if the website you visit does not rely on a NortonLifeLock certificate, you won’t notice anything. The problem is for those websites that rely on certificates that Google no longer trusts.

In these cases, when clicking on the website, users will receive a ‘Your connection is not private’ warning.

SSL error message

At this point, you need to decide whether it is safe to continue or not.

If it is simply a NortonLifeLock certificate issue, then there is no problem and the site is just as secure as it has always been, but of course, there is no way to tell at that point.

What is the Timetable?

Google first announced its timetable back in September 2017, giving websites plenty of time to adjust and transition to new certificates.

Those that haven’t heeded Google’s warnings risk losing visitors who are not willing to take the risk as to whether the site is safe or not.

The timetable for the removal of trust is as follows:

April 17, 2018 – The release of Chrome 66 sees the removal of trust from certificates issued before June 1, 2016 and those issued after December 1, 2017.

October 23, 2018 (approximately) – The release of Chrome 70 sees all NortonLifeLock certificates as invalid.

Which VPN Vendors are Affected?

The list of websites that are affected by the change is very long and there are some very big names on that list, including companies that you would think would be ahead of the game. Names on the list of websites that are affected include Blundstone, Anita, Glenfiddich, Tupperware, Raspberry Pi, eBay, and Nordstrom.

VPN vendors, by their very nature, are among the first to recognize the potential problems associated with such a move and to take steps to counter any difficulties or concerns their users may have.

Given this, we can expect very few vendors to be affected, and in fact this is true. Of all the websites affected by Google distrusting NortonLifeLock TLS certificates, there are only 7 VPN vendors.

Just to emphasize again, losing their certificates does not mean these vendors are no longer trustworthy. It means that they have failed to take appropriate action to ensure you know they are as safe and secure as they always have been.

How to Check a Certificate

You can check the certificate of each website at the top right corner.

  1. In Google Chrome, click on "Secure" next to the URL.
    Secure SSL
  2. Click on "Certificate" to see the type of certification.SSL certification

    Right now, TigerVPN.com is valid, but this will change after April 17.

    3. Now you can view the certificate.

SSL certificate window

Don't Depend on Certificates Alone

Even if the website is secure, your connection (and your data) can still be at risk. A VPN can help secure your connection, encrypt your data, and protect you from others on the web.

If you still don’t have a VPN or want to check out other providers who have already taken action on their certificates, then check out our top VPN providers.

If you want to learn more about VPNs, click here.

About the Author

Kristina is an experienced tech writer and researcher with a keen interest in cybersecurity for businesses and the general public.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.