From 1st of March, two years is the maximum validity for SSL certificates.
The SSL certificate industry has been going through a lot of changes recently, and another significant change is on the horizon. From March 1, 2018, all certificate authorities will stop issuing 3-year SSL certificates. The CA/Brower forum, an independent body, comprised of leading browsers and CAs, decided to eliminate three years validity last year.
That means you will only be able to purchase certificates for a maximum of two years. Technically, the new maximum lifespan is 825 days (2 years + renewal period). Please note that this is not our decision, it is the decision of CA/B forum.
Why is this happening?
Before you conclude that this is a Ponzi plot colluded by browsers and CAs to sell more certificates and mint more money, STOP! This is only happening for security reasons. Let us explain it to you.
An SSL certificate isn’t just a “certificate.” Years of research goes into developing unbreakable algorithms, ciphers, and protocols behind them. As time passes by, vulnerabilities are found in them, and ultimately, that algorithm/version is considered broken. This happened pretty recently when SHA-1, a hashing algorithm, got broken and millions of users had to migrate to SHA-2. This led to chaos among website owners. To avoid such unfortunate scenarios, the validity of SSL has been reduced to two years.
Another reason behind this is to make sure that the organizations who have SSL certs issued in their names are still operating.
We hope this has put all your conspiracy theories to bed.
What we’ll do
From 20th February, all the certificates available on our sites will come with the maximum lifecycle of 2 years. Remember, this applies to all CAs and all certificates.
What if I purchase a 3-year cert before the deadline?
If you manage to purchase before the deadline arrives, the certificate will come with a 3-year lifespan. However, after 3 years when you might want to renew it, the renewed cert will come with a 2-year period.
