Changes to TLS clientAuth Certificates: Ensuring You're Not Impacted
Cisco, Tuesday, February 17th, 2026
Cisco customers and partners who use Cisco equipment and services must be aware of important upcoming changes to public TLS certificates used for client authentication, driven by browser security policies such as those from Google Chrome.
These changes affect certificates containing the Client Authentication Extended Key Usage (EKU) and require careful management of certificate trust stores to avoid service disruptions.
This article explains the changes, the role of trust stores, how to verify and update them, and steps to ensure your systems remain secure and operational.
Important Note: This does NOT affect certificates that are issued by private PKI.