SSL Maximum 3 Year Validation Periods Beginning April 1, 2015

In a continuing effort to increase the security of SSL/TLS, Certificate Authorities will no longer be issuing certificates for periods longer than 39 months. Beginning in April, per the CA/Browser Forum’s Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates (Section 9.4), all Domain Validated and Organizational Validated certificates will be issued for a maximum 3 year period with an additional 3 months available if a certificate is being renewed early.  Extended Validation certificates will continue to be issued for a maximum 27 month period (2 years and up to 3 months for early renewal).

The new issuance restriction of 39 months applies to all vetted information as well.  If you install a certificate before April 1 that is valid for longer than a 39 month period, and later find that you are in need of a reissue of the certificate after 39 months has passed, your business and domain information will need to be re-vetted.  It is best to remember to back up your keys to prevent the need for a reissue. This new policy helps to ensure all business and domain information for a certificate is correct, consistent and updated in a timely manner if need be.

For more information and the most recent updates from the CAB, follow this link.