SSL Certificates Restricted to One Year
On September 1, 2020, the industry stopped issuing 2-year public SSL/TLS certificates. The new maximum validity for public DV, OV, and EV SSL/TLS certificates is 398 days (approximately 13 months). All Certificate Authorities must comply with this new limit and are no longer offering certificates for more than 1 year.
Why Can I Buy Multiple Year Certificates?
Although SSL can only be valid for one year, we are able to offer a kind of “subscription” service that allows you to purchase SSL coverage for two or more years.
When you first validate your SSL certificate, it will be valid for just one year in compliance with the industry standard. You may re-issue your SSL certificate at any time to extend the expiration date as far as possible, within the 1-year restriction.
You will need to re-issue and re-install the certificate at least once per year to extend the expiration date further, until you have used all of the time purchased.
When Can I Renew My Certificate?
Along with the shortened time period allowed on SSL certificates, the early renewal period has also changed. Previously, you could renew your SSL up to 90 days prior to expiration. The new early renewal period starts within 30 days (one month) of the certificate’s expiration. You may renew your SSL up to 30 days early to benefit from the renewal time rollover provided by the CA.
What About Other Types of Certificates?
Code Signing, Email Signing, and Document Signing certificates are not impacted by this change, and can still be issued up to 3 years per certificate. Only SSL certificates have been limited to 1 year.