Google Chrome is set to distrust digital certificates issued by Chunghwa Telecom and Netlock, effective August 1, 2025, with the release of Chrome version 139. This significant move stems from a pattern of compliance failures and a lack of progress in addressing security concerns by both certificate authorities, aiming to bolster the integrity of the Chrome Root Store.

Why Google Is Taking Action

Google's decision to remove trust in Chunghwa Telecom and Netlock stems from a consistent pattern of non-compliance, unfulfilled improvement commitments, and a failure to demonstrate measurable progress in response to publicly disclosed incidents. The tech giant stated that its confidence in the reliability of these Certificate Authorities (CAs) has diminished, eroding trust in them as publicly-trusted certificate issuers. This action is part of Google's broader effort to tighten security standards across the web, following new mandatory security requirements for CAs introduced in March 2025.

Impact On Websites And Users

Starting August 1, 2025, Chrome users visiting websites that continue to use certificates issued by Chunghwa Telecom or Netlock after July 31, 2025, will encounter a full-page security warning, typically stating, "Your connection is not private." While it may be possible to bypass this warning, it will disrupt the browsing experience and raise trust issues for visitors. Certificates issued by these CAs before July 31, 2025, will remain trusted.

• For Website Operators:It is strongly recommended to check the validity of current website certificates using tools like the Chrome Certificate Viewer.Website administrators should promptly switch to a certificate from another trusted Certificate Authority included in the Chrome Root Store to avoid service disruptions and maintain user trust.Although installing affected roots as locally trusted can override changes for enterprises, this is a temporary workaround.

Broader Context And Precedents

This move is not unprecedented. Google previously announced a similar distrust action against Entrust in June 2024, which took effect in November 2024, citing similar compliance and security standard failures. These actions underscore Google's commitment to enforcing stricter requirements for CAs to ensure a more secure online environment for its users. It's important to note that this change primarily affects Google Chrome and does not impact other browsers like Microsoft Edge, Mozilla Firefox, or Apple Safari, as they utilize different browser trust stores.

As cyber threats become increasingly sophisticated, your security strategy must evolve to keep pace. BetterWorld Technology offers adaptive cybersecurity solutions that grow with the threat landscape, helping your business stay secure while continuing to innovate. Reach out today to schedule your personalized consultation.

Key Takeaways

• Google Chrome will distrust new certificates from Chunghwa Telecom and Netlock from August 1, 2025.

• The decision is due to ongoing compliance failures and unmet improvement commitments.

• Websites using these certificates after July 31, 2025, will trigger security warnings in Chrome.

• Website operators must replace affected certificates with those from other trusted CAs.

• This action reflects Google's stricter stance on Certificate Authority compliance.

Sources

• Google Chrome to distrust Chunghwa Telecom, Netlock certificates in August, BleepingComputer.

• Chrome to Distrust Chunghwa Telecom and Netlock Certificates, SecurityWeek.

• Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues, The Hacker News.

• Google Chrome to distrust newer Chunghwa Telecom digital certificates, Focus Taiwan - CNA English News.