Change in SSL Certificate Lifetimes

Posted: Tuesday 30 January 2018 by Chris

The CA/Browser Forum has implemented a change in Certification Authorities’ policy requirements, reducing the maximum lifetime for all TLS/SSL certificates to 825 days, which is just over 27 months.  This is a reduction from the existing maximum term of 39 months, meaning the maximum validity for an SSL certificate is now two years, and not three.

This is an industry-wide directive which affects all certificate authorities. In accordance with the CA/Browser Forum Baseline Requirements, effective 1 March 2018, Certificate Authorities (CAs) will no longer be able to issue SSL Certificates with a validity period longer than 27-months.

As a result, ProWeb will adopt these new lifetime requirements effective 1 March 2018 and three-year certificates will be removed as available options from our website.

What this means to you:

  • You may still purchase one and two-year certificates.
  • After 1 March 2018, any renewals or reissues of certificates that were originally for terms longer than 27 months will have their term truncated to the maximum permissible duration of 27 months. When the 27 months expires, customers will receive a free replacement certificate, which is valid for the remainder of the certificate duration.
  • There is no action required for 3-year certificates issued prior to 1 March 2018.  These certificates are unaffected and will remain valid for their full term. However, should customers need to replace one of these certificates after 1 March 2018, the new regulations will apply.

If you have questions, please contact us.