Security Experts:

Comodo Sells Certificate Business to Private Equity Firm

Francisco Partners Acquires Comodo's Certifiate Authority Business 

Tech-focused private equity firm Francisco Partners announced on Tuesday that it has acquired Comodo CA Limited, Comodo’s certificate authority business, for an undisclosed amount.

Comodo CA is the world’s largest provider of SSL certificates, with more than 91 million certificates issued to over 200,000 customers in 150 countries. Francisco Partners has acquired a majority stake in the company and says the investment will help support Comodo CA’s accelerated growth; the firm consistently reported double-digit revenue growth in the past several years.

Bill Holtz, former COO of Entrust and former CIO of Expedia, has been named Comodo CA’s chief executive officer (CEO). Bill Conner, currently the president and CEO of security firm SonicWall, has been appointed chairman of the board. Melih Abdulhayoglu, CEO and founder of the Comodo Group, will remain a minority owner and board observer.

“Bill Holtz and Bill Conner are very accomplished executives within the enterprise security market and we are thrilled to have them join Comodo CA,” said Brian Decker, head of security investing at Francisco Partners. “Their years of experience in the SSL and digital certificate business is invaluable for Francisco Partners in this investment as Comodo CA grows and expands its leadership from SSL certificates to IoT.”

Some experts have raised concerns over Comodo CA’s acquisition by Francisco Partners, a company whose portfolio includes several surveillance-focused firms, considering that digital certificates are highly valuable assets for online surveillance purposes.

Comodo has been trying to snatch customers from Symantec, which announced on Tuesday that it’s certificate business has been acquired by DigiCert for $950 million. Symantec decided to sell its website security and related public key infrastructure (PKI) solutions after Mozilla and Google announced their intent to revoke certificates issued by the company and its partners.

When the acquisition was first announced, Comodo warned Symantec customers that the migration to DigiCert’s platform, which is significantly smaller than Symantec’s infrastructure, “poses a huge execution and technology risk.”

Symantec and DigiCert promised customers a smooth transition, but Mozilla has raised some concerns about the acquisition, particularly regarding Symantec’s involvement in day-to-day operations after the transfer of ownership.

*Updated with paragraph on concerns that Francisco Partners has several surveillance firms in its portfolio

Related: Google Launches Its Own Root Certificate Authority

Related: Let's Encrypt Wildcard Certificates a 'Boon' for Cybercriminals, Expert Says

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.