The lifetime/validity of SSL certificates has decreased significantly over the last decade in an effort of involved parties regulating the industry to improve security by forcing the re-validation/re-verification of organizations (certificate holders) more frequently and also, to ensure no certificates using obsolete encryption technologies remain in the market.

A brief timeline of the reduction in the lifetime/validity of SSL certificates is given below:

• Used as the foundation for HTTPS authentication, just over a decade ago domain registrars were selling SSL/TLS certificates that were valid for 8-10 years.
• In 2011, a new body called the Certification Authority Browser Forum (CA/Browser Forum), which included all the major web browser vendors, decided this was too long and imposed a limit of five years.
• In 2015 the time limit was dropped to three years
• A further drop followed in 2018 to only two years.
• As of September 1, 2020, it has been decided and enforced that the maximum validity for all certificates from now on will be just one year.
   

Maximum SSL certificate validity reduced to 1 year
This change was first announced by Apple, at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March. However, it was recently announced that Google Chrome will be joining Apple Safari in implementing a change to all publicly trusted SSL/TLS certificates.

As a consequency starting on September 1st, 2020 SSL/TLS certificates cannot be issued for longer than 1 year.

Key compromises and the discovery of internet security weaknesses are common and lead to real-world harm; web users should be better protected against these risks. Shortening certificates lifetime protects users by reducing the impact of compromised keys and by speeds up the replacement of insecure technologies and practices across the web.

For clients using a two-year certificate issued before September 1, 2020, their certificates will remain valid until their original expiration date. However, they will no longer be able to renew for more than one year any longer.

We do recognize that this reduction in validity from two years to one year will double the time required for the renewal/validation process. At Simplex, we are working along with our partner Digicert, the leading and most reputable supplier of SSL certificates worldwide, to simplify this process and remain committed in making your SSL purchase experience as cost-effective, smooth and hassle-free as it can be.

About Simplex

Established in 2005, Simplex is Cyprus’ leading provider of world-class premium carrier-neutral data center services and a leading enterprise IT integrator while it also provides ICT consulting and web/software development.  All services of the company are ISO 9001 and ISO 27001 certified, demonstrating the company’s commitment to quality and security.

Through its complete product and services portfolio and partnerships with leading vendors, Simplex is a single point of contact for all the ICT needs of an enterprise and has become the global IT partner for organizations from around the world, coming from various industries/markets that have trusted their IT operations to Simplex.

For more information about Simplex please visit www.simplex.com.cy.