This ought to be old news, but I came across a site today, still using a 2017-issued Symantec certificate.
Plans by browser providers to deprecate trust in legacy Symantec certificates have been well publicized with plenty of notice for site owners and operators to ensure they have an up-to-date, trusted certificate (google announcement: https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html Mozilla announcement: https://blog.mozilla.org/security/2018/03/12/distrust-symantec-tls-certificates/)
There’s more detail on the issues here https://wiki.mozilla.org/CA:Symantec_Issues on the Mozilla wiki.
Although the deprecation has, in theory, already happened, the practical enforcement has been a rolling process, so even if your sites worked after the browser version upgrades you may not be in the clear.
Certificates affected by the deprecation of trust will show insecure warnings to users even though the certificate apparently checks out when inspected – that is because it is the Certificate Authority which is distrusted and not the certificate itself being broken or revoked.
It is important for the continued trustworthiness of Internet sites that there is a mechanism to remove problematic certificates from the realm of that trust, and it is also important for site owners and operators to keep themselves up-to-date and aware of potential issues that might undermine trust in their systems and businesses.
Digicert has taken over validation and issuance for Symantec, Thawte, GeoTrust and RapidSSL certificates. You can find out more about replacing your certificates here: https://www.digicert.com/replace-your-symantec-ssl-tls-certificates/