GeoTrust

{{short description|Digital certificate provider}}

{{Infobox Brand

|logo=GeoTrust logo.svg

|name=Geotrust

|image=

|type=Public key certificates

|currentowner=DigiCert

|origin=United States

|discontinued=

|related=

|markets=World

|previousowners=

|trademarkregistrations=

|website={{URL|https://www.geotrust.com}}

}}

GeoTrust is a digital certificate provider. The GeoTrust brand was bought by Symantec from Verisign in 2010, but agreed to sell the certificate business (including GeoTrust) in August 2017 to private equity and growth capital firm Thoma Bravo LLC.{{Cite news|url=https://www.reuters.com/article/us-symantec-divestiture-thoma-bravo/symantec-to-sell-web-certificates-business-to-thoma-bravo-sources-idUSKBN1AI2N6|title=Symantec to sell Web certificates business to Thoma Bravo: sources|author=Liana B. Baker|date=2017-08-02|work=Reuters|access-date=2018-01-08}} GeoTrust was the first certificate authority{{cite book | last=Aumasson | first=J.P. | title=Serious Cryptography: A Practical Introduction to Modern Encryption | publisher=No Starch Press | year=2017 | isbn=978-1-59327-882-3 | url=https://books.google.com/books?id=hLcrDwAAQBAJ&pg=PT429 | access-date=2020-07-10 | page=429}} to use the domain-validated certificate method which accounts for 70 percent of all SSL certificates on the Internet.√https://www.netcraft.com/internet-data-mining/ssl-survey/{{Cite web|url=https://www.pcmag.com/news/top-ssl-certificates-buyers-guide|title=Top SSL Certificates Buyer's Guide|website=PCMAG}} By 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company Netcraft.{{Cite web|url=https://news.netcraft.com/archives/2006/05/17/verisign_to_buy_geotrust_combining_top_ssl_providers.html|title=VeriSign To Buy GeoTrust, Combining Top SSL Providers|website=Netcraft News}}

==History==

GeoTrust was the first certificate authority to use the domain-validated certificate method {{cite patent

| country = US

| number = 8028162

| status = Granted

| title = Methods and systems for automated authentication, processing and issuance of digital certificates

| pubdate = September 27, 2011

| inventor = Douglas D. Beattie

| invent1 = Neal Lewis Creighton

| invent2 = Christopher T. M. Bailey

| assign1 = GeoTrust

| url = https://patents.justia.com/patent/7562212}}

which is now widely accepted and used by all certificate authorities including Let's Encrypt. {{Cite web|url=https://www.theregister.com/2002/07/24/theres_certs_and_certs_verisign/|title=There's certs and certs – VeriSign badmouths rivals|website=www.theregister.com}}{{Cite web|url=https://nakedsecurity.sophos.com/2020/03/02/lets-encrypt-issues-one-billionth-free-certificate/|title=Let's Encrypt issues one billionth free certificate|date=March 2, 2020}}

GeoTrust was a restarted company in 2001 that acquired the security business of Equifax. The Equifax business was the basis of its fast growth. The founders of the restarted company were CEO Neal Creighton, CTO Chris Bailey and Principal Engineer Kefeng Chen.{{Cite web|title=Neal Creighton, CEO, GeoTrust - InternetNews.|url=http://www.internetnews.com/security/article.php/3589221/Neal+Creighton+CEO+GeoTrust.htm|website=www.internetnews.com|access-date=2020-05-22}} Having no previous fund raising experience Creighton, Bailey and Chen used an existing company as the vehicle to acquire the business they had started at Equifax.{{cite web |url=https://www.bizjournals.com/atlanta/stories/2001/09/24/daily17.html |title=GeoTrust acquires Equifax's digital certificate business |date=September 25, 2001 |website= www.bizjournals.com|access-date=2020-07-10}} The buyout of the Equifax certificate business was inexpensive given the final exit price in 2006.{{Cite web|url=https://www.bizjournals.com/boston/blog/mass-high-tech/2007/12/mass-high-tech-acg-name-top-tech-dealmakers.html|title=Mass High Tech, ACG name top Tech Dealmakers for 2007|date=2007-12-06|website=Boston Business Journal|access-date=2019-10-28}}

VeriSign acquired GeoTrust on 5 September 2006 for $125 million. The main investor was St. Paul Venture Capital/VesBridge. ACG/ Mass High tech named VeriSign's acquisition of GeoTrust as the sell side deal of the year for 2006.{{Cite web |url=http://www.redherring.com/Home/16904 |title=VeriSign Buys GeoTrust: $125M |access-date=2008-01-04 |archive-url=https://web.archive.org/web/20080920102953/http://www.redherring.com/Home/16904 |archive-date=2008-09-20 |url-status=dead }}{{Cite web|url=https://www.theregister.com/2006/05/18/verisign_geotrust_acquisition/|title=VeriSign buys SSL certs rival for $125m|website=www.theregister.com}}

Symantec acquired the GeoTrust brand in 2010 as part of its $1.28 billion acquisition of Verisign security business.{{Cite web|url=https://www.crn.com/news/security/224900438/symantec-to-acquire-verisign-security-for-1-28b.htm|title=Symantec To Acquire VeriSign Security For $1.28B|first=Stefanie|last=Hoffman|date=May 19, 2010|website=CRN}}

File:GeoTrust.svg

Symantec announced the sale of its entire certificate business in August 2017 to Thoma Bravo LLC for $1 billion with the intention of merging it with DigiCert.{{Cite news|url=https://www.digicert.com/news/digicert-completes-acquisition-of-symantec-ssl/|title=DigiCert Completes Acquisition of Symantec's Website Security and Related PKI Solutions - DigiCert|work=DigiCert|access-date=2018-01-08|language=en-US}} Thoma Bravo merged GeoTrust into DigiCert and GeoTrust is now owned by DigiCert.

==Root Certificate Untrust==

Following a dispute with Google the GeoTrust Root Certificate became untrusted.{{Cite news|url=https://www.theregister.co.uk/2017/09/12/chrome_66_to_reject_symantec_certs/|title=Google to kill Symantec certs in Chrome 66, due in early 2018|access-date=2018-01-08|language=en}}

• On July 27, 2017, Google posted a plan regarding Symantec-issued (GeoTrust) TLS server certificates with [https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/eUAKwjihhBs%5B251-275%5D Intent to Deprecate and Remove]:
• December 1, 2017; all GeoTrust certificates must be issued from a new PKI infrastructure in order for such certificates to be trusted in Google Chrome.
• On March 15, 2018; Google Chrome will show a warning for sites secured with SSL/TLS certificates issued before June 1, 2016.
• On September 13, 2018; Google Chrome will show a warning for sites secured with SSL/TLS certificates issued by Symantec’s existing PKI infrastructure.

Beginning 1st December 2017 GeoTrust has been issuing all Certificates under the DigiCert Trusted Root TLS Certificate. {{Cite web|url=https://www.ssltrust.com.au/geotrust-ssl#about-geotrust|title=GeoTrust Global SSL Certificates|website=www.ssltrust.com.au}}