What is an SSL Certificate?
To quickly explain what an SSL Certificate is for those who are not familiar with the topic. An SSL Certificate is a collection of small data files that digitally bind a cryptographic key to corporate details.
When installed on a web server, the SSL certificate activates the padlock and the https protocol and allows secure connections from a web server to a browser. The SSL certificate would usually be used for secure credit card transactions, data transfers and logins.
TLS/SSL certificate validity period shifts to one-year maximum
On September 1 2020, all Certificate Authorities are required to stop issuing 2-year TLS/SSL certificates. The new industry-allowed maximum validity will be 1 year (398 days). DigiCert is limiting the maximum certificate validity to 397 days to account for differences in time zones. This change applies to all publicly trusted TLS/SSL certificates.
The belief is that shorter lifetime on SSL certificates will help enhance the security of the ecosystem and greatly assists with the automation on the certificate lifecycle process.
What do I need to do?
Nothing needs to be done on your end if you have a current valid SSL certificate that works. If you're ordering a new SSL certificate then going forward you can only get one for 1-year max.
We recommend that you take inventory of your current certificates and any new certificates they may need with a 2-year validity, and order them as soon as possible.
2-year SSL certificates will be offered until August 27, 5:59 pm MDT (23:59 UTC) for organizations that are already validated.
2-year certificates will be offered until August 12, 5:59 pm MDT (23:59 UTC) for organizations that need to be validated.
Any pending 2-year orders that have not been issued by August 27 will convert to a 2-year Multi-year Plan (see below), and the initial certificate will be issued with a validity of 397 days.
How will this affect me?
Any pending 2-year certificates that have not been issued by August 27 will follow the new rules. The future certificate can only have a maximum of 397 days, and the balance of time can be claimed by issuing a new certificate for the remaining duration.
Any 2-year certificates issued by August 27 will remain valid until expiration without any modification or replacement. However, as we are unable to reissue 2-year certificates after August 27, any reissues made after that date will be reduced to 397 days.
Benefits of this plan:
Make renewals simpler. Certificate renewals no longer require additional lifetimes added to new certificates. A customer can simply reissue a new certificate for an additional period.
Reduce security risks within your customer base.