picture of tbs certificates
picture of tbs certificates
Our products range

20151218 - Microsoft could remove Certigna root from browsers because of a misplaced document

We learnt today that Microsoft might remove Certigna root from its tools, at an undefined date during January 2016.

Updated on 18 Dec at 7pm: in fact Microsoft would have considered a bit quickly Certigna inactive after being unable to locate a legal document. Situation should be clarified in the next few days.

Updated on 22 Dec at 9am: Certigna confirms that it was, indeed, a misunderstanding. Certigna root will remain on Microsoft tools.


The precise reasons of this decisions are this are not known but Microsoft indicates:

"This past spring, we began engaging with Certificate Authorities (CA) to solicit feedback and talk about upcoming changes to our Trusted Root Certificate Program. Among other things, the changes included more stringent technical and auditing requirements. The final program changes were published in June 2015. (...) We identified a few partners who will no longer participate in the program, either because they have chosen to leave voluntarily or because they will not be in compliance with the new requirements."

And adds:

"If you use a certificate that was issued by one of these companies, we strongly recommend that you obtain a replacement certificate from another program provider."

Which products are concerned?

Only Certigna SSL RGS* certificates are impacted by this news.

What might be the consequences?

Should the root be removed from Microsoft products, the certificates chained to it would trigger security alerts. Web users would then be invited not to trust the web site presenting such a certificate for safety matters. The impact on those sites traffic would be important.

And what about Certigna?

The Authority declares:

"After an exchange with Microsoft, we confirm that it is a misunderstanding that is currently sorted out. Certigna will let you know when it is solved as soon as possible.

All our products and services can be used normally."

Useful links

* Extract of the article published by Microsoft