GTE CyberTrust Global Root Expiration Alert
View some of the Frequently Asked Questions to our support staff. Included are some tips and tricks making this forum ideal for users getting started with GoAnywhere MFT. Note: Users can reply to existing topics but only our support staff can add new topics to this forum.
5 posts
Page 1 of 1
- Site Admin
- Posts: 43
- Joined: Wed Jun 21, 2017 8:12 am
You may get alerts that you have an expiring Certificate Authority certificates. Most recently, the alerts have been for the GTE cert below.
Valid until: 13/Aug/2018
Serial #: 01:A5
Thumbprint: 97817950D81C9670CC34D809CF794431367EF474
Based on the information available at the links below from the cert provider (Digicert), this certificate is not being renewed, but there is only a slim chance you are using it. It has been deprecated in some browsers as mentioned in the first link.
According to Digicert Support [7/16/2018], the Baltimore CyberTrust Root cross-chain, but they weren’t able to provide a link to this information. For more information contact Digicert Support via the link below.
https://www.digicert.com/digicert-root-certificates.htm
https://www.digicert.com/blog/what-the- ... ots-means/
Why does this happen?
When you install GoAnywhere, you get the latest Root certificates available from Java. We provide this service so our customers don’t have to find and install each Root cert. These certs – which have expiration dates -- work with your (or your trading partner’s) signed certificates to build a trust chain for SSL/TLS connections. When a certificate expires or is upgraded, you can easily find, download and import the new cert into GA (see user guide for importing). In the case of the GTE CyberTrust Global Root, Digicert does not seem to be providing this. We have been unable to get an official response from Digicert, but the link above implies that if you are using an old certificate that relies on this Root cert, you would need to renew your certificate. At that time, it would rely on a much newer Root cert. The same would hold true for your trading partner, but it would be their responsibility to make available the new certificate to you.
Valid until: 13/Aug/2018
Serial #: 01:A5
Thumbprint: 97817950D81C9670CC34D809CF794431367EF474
Based on the information available at the links below from the cert provider (Digicert), this certificate is not being renewed, but there is only a slim chance you are using it. It has been deprecated in some browsers as mentioned in the first link.
According to Digicert Support [7/16/2018], the Baltimore CyberTrust Root cross-chain, but they weren’t able to provide a link to this information. For more information contact Digicert Support via the link below.
https://www.digicert.com/digicert-root-certificates.htm
https://www.digicert.com/blog/what-the- ... ots-means/
Why does this happen?
When you install GoAnywhere, you get the latest Root certificates available from Java. We provide this service so our customers don’t have to find and install each Root cert. These certs – which have expiration dates -- work with your (or your trading partner’s) signed certificates to build a trust chain for SSL/TLS connections. When a certificate expires or is upgraded, you can easily find, download and import the new cert into GA (see user guide for importing). In the case of the GTE CyberTrust Global Root, Digicert does not seem to be providing this. We have been unable to get an official response from Digicert, but the link above implies that if you are using an old certificate that relies on this Root cert, you would need to renew your certificate. At that time, it would rely on a much newer Root cert. The same would hold true for your trading partner, but it would be their responsibility to make available the new certificate to you.
Philip Horn
Senior Support Analyst
e. [email protected]
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
Senior Support Analyst
e. [email protected]
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
- Support Specialist
- Posts: 91
- Joined: Thu Mar 05, 2009 3:49 pm
- Location: Ashland, NE USA
-
You may also see an alert for an Equifax certificate that is being retired.
Please refer to this link: https://www.geotrust.com/resources/root ... tired.html
Please refer to this link: https://www.geotrust.com/resources/root ... tired.html
- Site Admin
- Posts: 43
- Joined: Wed Jun 21, 2017 8:12 am
As the GTE CyberTrust Global Root is being replaced by the Baltimore CyberTrust Root , you should be safe to delete it. Additionally, the certificate should no longer be in use as it has since expired.
Philip Horn
Senior Support Analyst
e. [email protected]
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
Senior Support Analyst
e. [email protected]
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
5 posts
Page 1 of 1