GlobalSign R46 Certificate Update

We are issuing this notice to inform partners of an upcoming update to the digital certificates used across multiple service URLs. As part of our ongoing security and platform maintenance activities, we will transition the certificate trust chain for affected endpoints to the GlobalSign Root R46 hierarchy. This update is intended to support continued alignment with current TLS and certificate ecosystem requirements while maintaining secure access to our services.

The certificate updates for upcoming dates for service URLs can be found here.  Please review the list to check if this is a service URL your interface utilizes with SynXis.   

What Is Changing

The SSL/TLS certificates presented by the affected URLs will be updated to use a certificate chain associated with GlobalSign Root R46. Industry guidance indicates that newer TLS-dedicated roots and updated certificate profiles are being adopted to remain aligned with evolving browser and certificate authority requirements, and GlobalSign has published related guidance on these changes. Most modern browsers, operating systems, and standard trust stores are expected to recognize the updated trust chain without interruption. Older environments, custom trust stores, or applications using certificate pinning may require validation and updates in advance of the change.

Expected Impact

Service interruption or application change is not expected as a result of this update. However, customers may experience connection or certificate validation issues if their environments rely on certificate pinning, hardcoded intermediate or root certificates, legacy operating systems, legacy Java runtimes, embedded trust stores, or other non-standard trust configurations. Customers with these types of implementations should review and test their environments before the implementation date.

Recommended Actions

  • Review any certificate pinning or trust store configuration associated with the URLs listed here. GlobalSign Root R46 certificate can be downloaded from here.
  • Confirm that client applications, middleware, security appliances, and Java runtimes trust the GlobalSign Root R46 certificate chain where applicable.
  • Test connectivity to the affected URLs in lower environments or pre-production environments before the implementation date.
  • Coordinate with internal security, network, and application teams if your organization uses custom certificate validation controls.