Does this have any implications for the Google Integrations in HA ?
In **Q2 2026**, to improve efficiency, we will be updating the Transport Layer Security (TLS) certificate for many Google endpoints. The intermediate **Certificate Authority (CA)** and certificate type will shift from a **RSA** certificate chain and leaf certificate to an **ECDSA** certificate.
### What you need to know
**Key changes:**
Many services, including googleapis.com, will shift to using the **Google Trust Services WE1** intermediate and ECDSA based TLS certificates.
**Potential impact:**
If your client applications are not configured correctly, they may be unable to connect to Google services after this change. Connection failures are most likely to occur in the following two scenarios:
* **Certificate pinning**: We do not recommend pinning intermediate or leaf certificates. This practice will cause your application to break during routine certificate rotations.
* **Custom trust stores**: If you use a custom trust store, you must ensure it includes all of Google Trust Services (GTS) Root CAs to prevent outages.
For most customers, no action is required as a result of this change. However, if you run a custom trust store or pin CAs, you may need to take action. We’ve provided additional information to guide you through this change.
### What you need to do
**Action advised before June 15, 2026:**
* Ensure you trust all Google Trust Services Root CAs as detailed in this [Google Trust Services Certificates documentation](https://c.gle/AOExmq1N9dpnQReeOoeffA0VNgWlHDDMNvwJUHDXhSHyesHH2JeGInYt0Dcb6EM1qfWE27DIPdA4bl3oG3MbgnT1tyB-OmR_r-iEyJKWchRDz2_AMJvENLNZ20Hv1tFoAqrmLQhYLW_mLWE).
* Pinning is discouraged. If you choose to pin, ensure that all Google Trust Services Roots and, if applicable, intermediates are in your pin list.
**Timeline:**
Services will shift to new intermediates throughout **late Q2 2026**.
**Impacted customers/accounts:**
Any cloud project using a limited set of trusted roots or pinning certificates may experience issues.