News

    SSL certificates only valid for one year

    31.07.2020

    Apple, Google and Mozilla have announced that their world-leading browsers Safari, Chrome and Firefox will no longer trust two-year SSL/TLS certificates issued after August 31, 2020.

    Since a website without a valid SSL certificate are distrusted by users and search engines, we will only provide SSL/TLS certificates with a one-year validity period. All our SSL/TLS product brands are affected: Sectigo, DigiCert (formerly "Symantec"), GeoTrust, Thawte and RapidSSL.

    SSL encryption important for data security

    If a website does not use an SSL certificate, all sensitive data (passwords, credit card numbers, etc.) is sent in clear text. This makes them readable and can be intercepted by third parties. If the security technology SSL, short for Secure Sockets Layer, is used, the data is encrypted during transmission using an HTTPS protocol.

    SSL certificates only valid for one year

    If a secure connection has been established between the domain server and that of the website user, they communicate securely via the mechanism provided by the SSL protocol. In the meantime, the user's data cannot be intercepted by a third party. If the secure connection is interrupted, the SSL protocol is deactivated.

    SSL certificates are offered in different security levels. Which certificate fits best depends on the intended use and how sensitive the data to be encrypted is.

    Advantages of a shorter registration time

    Originally, SSL Certificates had a lifetime of 8 years. Due to the rapid growth of the Internet and the higher prioritisation of security-related aspects, it was gradually reduced to five, three and two years.

    Positive consequences of the shortened validity period are that SSL Certificates are updated faster, new Certificate keys are created more often and compromised Certificates are detected more quickly.

    What does this mean for users?

    Certificates must be updated annually in the future. However, the additional effort is offset by the increased security and the possibility of an annual check of the certificates in use to see if they are still sufficient.

    Changes come into force on August 18

    From September 1, 2020, most Certificate Authorities will only issue SSL/TLS certificates with a validity period of one year. However, since a certification authority will no longer offer 2-year SSL/TLS certificates from August 19, BrandShelter will discontinue the offer of 2-year SSL/TLS certificates from August 18.

    If your certificate was issued on or before August 18, 2020 it will not be affected by this update. If you already have a two-year SSL registration you do not need to change anything. However, when the certificate expires, you will need to replace it with an SSL certificate with a lifetime of one year or less.

    Our team will be happy to advise you on SSL certificates.