Upgrade Background

In accordance with Mozilla's updated Root Store Policy, root certificates used for server identity verification that were issued more than 15 years ago will no longer be trusted. Consequently, major browsers such as Mozilla Firefox and Google Chrome will stop trusting these older root certificates. Websites utilizing legacy GlobalSign root certificates (R1/R3/R5/R6) may encounter security warnings or access failures, directly impacting user experience and business continuity.

Upgrade Details

To ensure enhanced security and broader compatibility, starting from June 15, 2026, all new and re-issued OSS certificates will gradually transition to the new root certificate, "GlobalSign Root R46."

Impact and Required Actions

Regarding "GlobalSign Root R1", to maintain compatibility, updated certificates will remain compatible with "GlobalSign Root R1" until January 28, 2027. However, please note that the R1 root is scheduled to expire on January 28, 2028. For clients that do not yet support the R46 root, please ensure that you upgrade your local root certificate trust store before January 28, 2027. Regarding "GlobalSign Root R3", if your services rely on the "GlobalSign Root R3" certificate, you must remove this dependency. For further details, please refer to the official documentation on our website.