The Sectigo certification authority plans to abandon the localityName field

The Sectigo Certification Authority is gradually phasing out the use of Locality information in favor of State and Province data in public SSL/TLS certificates (with OV and EV verification). According to the recommendations of the CA/B Forum, such certificates must contain one of two fields: stateOrProvinceName or localityName. It is not required to add the two fields at once.

At the same time, as noted by Sectigo experts, the rules for filling in the localityName field are very vague. To avoid negative consequences for clients in the form of forced revocation of certificates, the certification authority Sectigo decided to abandon the use of localityName in favour of stateOrProvinceName. This field is well documented and has a ready-made list of government jurisdictions.

What should current clients do?

The change will not affect certificates already issued.

The process of transition to the stateOrProvinceName field instead of localityName will not be one step – it will take several years.

Subscribe to our updates to stay up to date with the latest news from the world of SSL!