Changes to clientAuth support in Google Trust Services Certificates

Google Trust Services will be dropping clientAuth support in public TLS certificates beginning in
June, 2026. This change is being made in response to Browser Root Program requirement changes that
impact all public Certificate Authorities.

This will require changes to how mTLS and other clientAuth use cases handle certificate
provisioning and trust store updates. clientAuth use cases should move to private PKIs. There are
many good options for private PKIs, such as Google Cloud's
[Certificate Authority Service](https://cloud.google.com/security/products/certificate-authority-service).
      

• Privacy
• Terms
• About Google
• Google Products

• Help