SSL/TLS Certificates max validity is reducing to 1 year

Posted: Saturday 1 August 2020 by Chris

To improve web PKI and security, Certificate Authorities (CA) and Web Browsers will no longer be issuing or trusting SSL/TLS certificates with validity periods longer than one-year starting September 1, 2020. Initiated by Apple Safari and joined by Google Chrome and Mozilla Firefox, the new max validity period will be 398 days which is one-year plus a 33-day renewal grace period.

The shortening of certificate validity periods is nothing new. We have seen the industry go from 10-year certs to 5 to 3 to 2 and now 1. This is a good thing for internet users. It forces businesses to adopt new security updates more quickly and ensures the identity of website owners is valid and up to date to avoid possible impersonations.

Up until 31 August 2020, 2 year certificates are still available to be issued for this length of time.  After 1 September multiple year certificates will become a subscription service, where certificates will be issued for a year at a time, taking advantage of cost savings for multiple years (more details available shortly).  There is no change for 1 year certificates.

If you have any queries feel free to get in contact.