Google Chrome to Revoke Trust in Two Certificate Authorities Citing Compliance and Conduct Concerns
Google has announced that it will stop trusting digital certificates issued by Chunghwa Telecom and Netlock, citing “patterns of concerning behaviour observed over the past year.”
This change is set to take effect in Chrome version 139, which is expected to be released publicly in early August 2025. The current major version is 137.
The update will apply to all Transport Layer Security (TLS) server authentication certificates issued by the two Certificate Authorities (CAs) after July 31, 2025, at 11:59:59 p.m. UTC. Certificates issued prior to that date will remain trusted.
“Over the past several months and years, we have observed a pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports,” Google’s Chrome Root Program and the Chrome Security Team said.
Following this change, Chrome users on Windows, macOS, ChromeOS, Android, and Linux who visit websites using certificates issued by either CA after July 31 will encounter a full-screen security warning.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.