Handling the GlobalSign Root Hierarchy Transition: Guidelines for Alpha SSL Certificate Users

Learn how GlobalSign's Alpha SSL certificate transition from Root R1 to R6 impacts your servers and how to secure your digital infrastructure post-January 2024. Stay updated with Batoi's insights on navigating these critical security changes.

Batoi Research Group Jan 16, 2024 Facebook Twitter LinkedIn Pinterest

In today's digital era, SSL certificates ensure secure online transactions and communications. The recent announcement by GlobalSign regarding the transition of its root hierarchy for Alpha SSL certificates is a significant change. This blog post aims to shed light on this change and its implications for our Batoi customers, who rely mainly on these certificates for their security infrastructure.

Understanding the Transition

GlobalSign, a leading digital certificate authority, has announced that it will be migrating the issuance of Alpha SSL certificates from its older Root R1 to the new Root R6. At Batoi, we primarily use GlobalSign certificates for our security infrastructure; many customers opt for the Alpha SSL certificate. This change is in response to Mozilla's announcement regarding removing the TLS and Secure Mail trust bits from older Roots, as detailed on their wiki page.

What's Changing?

From January 29th, 2024, all reissues or renewals of Alpha SSL certificates will be conducted under the new R6 issuing CA, "GlobalSign GCC R6 AlphaSSL CA 2023." This new root CA represents a significant upgrade in security protocols and aligns with the latest industry standards.

Impact on Current Certificate Holders

Certificates issued under Root R1 will remain effective for their entire lifespan, as they are set to expire before Mozilla implements changes to the Root R1 trust bit. Therefore, there is no immediate need to reissue these certificates.

For our valued customers at Batoi, this transition means upgrading the security infrastructure of their SSL certificates. It's crucial to understand how this change affects your existing certificates and what steps are needed to maintain uninterrupted and secure service.

  • Certificate Installation: After January 29th, 2024, when you renew or reissue your certificate, ensure the new CA certificates are installed along with your TLS certificates. Detailed instructions on GlobalSign's support page discuss Mozilla's removal of the TLS trust bit from Roots R1 and R3.

  • Check Compatibility: Verify that your systems and software are compatible with the new Root R6. It is crucial for ensuring uninterrupted service and security.

  • Contact Support for Assistance: If you encounter any issues or have questions, do not hesitate to contact the Batoi Support Team for guidance and support.


This transition marks a significant step in enhancing the security and reliability of digital certificates. By staying proactive and following the recommended steps, users of Alpha SSL certificates can ensure that their digital security remains robust and aligned with current standards.

Need our assistance? We are available.

Learn More About Our Platform?
Schedule a Demo
An Existing Customer?
Get Support
Want Managed Service?
Request for a Quote
Report an Error