Web Security Service Root CA Update

1 day

The scheduled maintenance has been completed.


Scheduled maintenance is currently in progress. We will provide updates as necessary.


Symantec will begin updating the SSL interception root certificate used by the WSS service later this year.

Impact Existing certificates installed on endpoints and other devices will continue to function normally until September, 2021.

The current certificate expiration date is September 5, 2021. After this date, SSL Interception, SAML authentication, and other services will trigger certificate validation errors on endpoints that still have the current certificate.

Required Action Beginning October 12th, 2020, you can obtain the new WSS Root Certificate from the WSS portal.

To avoid connection issues, upgrade all applicable technologies before September 5th, 2021, including:

• Endpoints without an Agent or pre-7.1 WSS Agent versions • On-premises devices connected by IPsec or Proxy Forwarding • Proxy Forwarding connectivity method: you must also add the new certificate to the browser-trusted list on the ProxySG appliance

An upcoming WSS Agent version (7.x) automatically installs the new certificate on endpoints. When you upgrade WSS Agent to that version, no further action is required. Upcoming releases of SEP and SEP-Mobile will also automatically install the new certificate on endpoints.

See the following FAQ for additional details: https://knowledge.broadcom.com/external/article?articleId=200314

Began at:

Affected components