Shorter duration for SSL certificates: a maximum of 1 year
To increase the security of HTTPS connections, SSL certificates will be for a shorter duration: from now on, they will have a maximum validity of 1 year. How does that affect you as a Combell customer?
Unilateral decision by producers of browsers to shorten the duration of SSL certificates
As you know, an SSL certificate is required if you want to provide a secure HTTPS connection to your website. Depending on its strictness, that certificate provides certain guarantees as to the identity of the domain name owner. The check on the identity is performed by the CAs (Certificate Authorities) that also issue the certificate. Read more about SSL certificates, the various types, and how they work.
In recent years, the browser producers (Apple, Microsoft, Google, Mozilla, etc.) have been pushing to have the duration of the certificates shortened. In 2005, they lasted for 8 years, and since 1 March 2018 for just 2 years – 27 months or 825 days to be precise, that is to say 24 months plus a renewal buffer of 3 months.
But now, the browser producers have decided unilaterally to shorten this duration once more: from 1 September 2020, a certificate may last for only 398 days (1 year plus a renewal buffer of 1 month). And the CAs have no option but to comply with this decision.
Have you currently purchased a multi-year SSL certificate at Combell? No problem: we will take care of extending it in the background. This way, you will always have a valid certificate!
A shorter duration for SSL certificates helps increase security
Why have the browser producers taken this step despite opposition from the CAs?
If an SSL certificate is misused for malware, phishing or something else, the CA has to revoke the certificate. But according to the browser producers, that happens too slowly. By shortening their duration, misused certificates in any event become invalid more quickly.
Browser producers are worried that hackers might crack HTTPS traffic. By securing the traffic with shorter-lasting certificates, they hope to make the process more onerous and resource-intensive for hackers – and thus less attractive.
What are the effects of the shorter certificates?
Generally speaking, the shortened duration of SSL certificates from 1 September 2020 has the following effects:
- For Certificate Authorities: they can only provide certificates with a maximum duration of 398 days. If the browsers supplied by Apple, Google or Mozilla encounter a certificate with a longer duration, the certificate will give an error and the connection will be broken.
- For the owner of a website: they have to renew their SSL certificate annually rather than biennially.
- For end users: they will probably see more HTTPS errors in their browser on websites that have not yet applied this measure.
How does this affect you as a Combell customer?
- New customer: from September, you will no longer be able to place an order for certificates that are valid for multiple years.
- Existing customers: if you currently have a certificate that is valid for multiple years and you want to maintain that duration, do not worry: you do not have to do anything. In the background, we will ensure that the certificate is renewed annually on its last day of validity. In this way, you will continue to enjoy the special price for multiple years and, thanks to this additional service, you will always remain in possession of a valid certificate. If you so wish, in future years, you will still be able to opt for a multi-year certificate: unless we hear from you to the contrary, the new invoice will have the same duration as now, with the same advantage, and the same working in the background. No worries, and with the added advantage!