GeoTrust is a
digital certificate
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a Key authentication, public key. The certificate includes information about the key, i ...
provider. The GeoTrust brand was bought by
Symantec from
Verisign
Verisign Inc. is an American company based in Reston, Virginia, United States that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the , , and gene ...
in 2010, but agreed to sell the certificate business (including GeoTrust) in August 2017 to
private equity
In the field of finance, the term private equity (PE) refers to investment funds, usually limited partnerships (LP), which buy and restructure financially weak companies that produce goods and provide services. A private-equity fund is both a ty ...
and
growth capital
Growth capital (also called expansion capital and growth equity) is a type of private equity investment, usually a minority investment, in relatively mature companies that are looking for capital to expand or restructure operations, enter new mark ...
firm
Thoma Bravo LLC.
GeoTrust was the first
certificate authority
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This ...
to use the
domain-validated certificate
A domain validated certificate (DV) is an X.509 public key certificate typically used for Transport Layer Security (TLS) where the domain name of the applicant is validated by proving some control over a DNS domain. Domain validated certificates ...
method which accounts for 70 percent of all SSL certificates on the Internet.
By 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company
Netcraft
Netcraft is an Internet services company based in Bath, Somerset, England. The company provides cybercrime disruption services across a range of industries.
History
Netcraft was founded by Mike Prettejohn. The company provides web server and ...
.
History
GeoTrust was the first
certificate authority
In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This ...
to use the
domain-validated certificate
A domain validated certificate (DV) is an X.509 public key certificate typically used for Transport Layer Security (TLS) where the domain name of the applicant is validated by proving some control over a DNS domain. Domain validated certificates ...
method
which is now widely accepted and used by all
certificate authorities including
Let's Encrypt
Let's Encrypt is a non-profit certificate authority run by Internet Security Research Group (ISRG) that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge. It is the world's largest certificate authority, used ...
.
GeoTrust was a restarted company in 2001 that acquired the security business of
Equifax
Equifax Inc. is an American multinational consumer credit reporting agency headquartered in Atlanta, Georgia and is one of the three largest consumer credit reporting agencies, along with Experian and TransUnion (together known as the "Big Thr ...
. The Equifax business was the basis of its fast growth. The founders of the restarted company were
CEO
A chief executive officer (CEO), also known as a central executive officer (CEO), chief administrator officer (CAO) or just chief executive (CE), is one of a number of corporate executives charged with the management of an organization especially ...
Neal Creighton
Neal Creighton is an American entrepreneur based in Boston, Massachusetts, United States. He was one of the co-founders and CEO of certificate authority GeoTrust in 2001, and is co-inventor of the domain-validated certificate patent issued in 2 ...
,
CTO Chris Bailey and Principal Engineer Kefeng Chen. Having no previous fund raising experience Creighton, Bailey and Chen used an existing company as the vehicle to acquire the business they had started at Equifax. The buyout of the Equifax certificate business was inexpensive given the final exit price in 2006.
VeriSign
Verisign Inc. is an American company based in Reston, Virginia, United States that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the , , and gene ...
acquired GeoTrust on 5 September 2006 for
$125 million. The main investor was St. Paul Venture Capital/VesBridge. ACG/ Mass High tech named VeriSign's acquisition of GeoTrust as the sell side deal of the year for 2006.
Symantec acquired the GeoTrust brand in 2010 as part of its $1.28 billion acquisition of
Verisign
Verisign Inc. is an American company based in Reston, Virginia, United States that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the , , and gene ...
security business.
Symantec announced the sale of its entire certificate business in August 2017 to
Thoma Bravo LLC for $1 billion
with the intention of merging it with
DigiCert
DigiCert, Inc. is an American digital security company headquartered in Lehi, Utah, with offices in Australia, Ireland, Japan, India, France, South Africa, Switzerland and United Kingdom. As a certificate authority (CA) and trusted third party, Di ...
. Thoma Bravo merged GeoTrust into DigiCert and GeoTrust is now owned by DigiCert.
Root Certificate Untrust
Following a dispute with
Google
Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...
the GeoTrust Root Certificate became untrusted.
*On July 27, 2017, Google posted a plan regarding Symantec-issued (GeoTrust) TLS server certificates wit
Intent to Deprecate and Remove
**December 1, 2017; all GeoTrust certificates must be issued from a new PKI infrastructure in order for such certificates to be trusted in Google Chrome.
**On March 15, 2018; Google Chrome will show a warning for sites secured with SSL/TLS certificates issued before June 1, 2016.
**On September 13, 2018; Google Chrome will show a warning for sites secured with SSL/TLS certificates issued by Symantec’s existing PKI infrastructure.
Beginning 1st December 2017 GeoTrust has been issuing all Certificates under the DigiCert Trusted Root TLS Certificate.
References
External links
* {{Official website, https://www.geotrust.com/
Certificate authorities
Companies established in 2001