GlobalSign Blog

12 Mar 2015

SSL Certificate Validity to be limited to 39 months

As stated by the CA/B Forum, no later than 1 April 2015, certificates must be limited to a maximum validity of 39 months

Limiting certificate validity periods is a good move for the industry because it requires administrators to adopt the most up to date security practices (e.g., algorithms, key sizes, etc) that often get deferred to when the certificate is renewed

Throughout 2014, both the CA/B Forum and GlobalSign have been strongly recommending that customers and partners stop issuing 4-5 year certificates to avoid truncated certificate validity periods if a 4-5 year certificate is reissued after the CA/B forum deadline.

How this change impacts GlobalSign customers 

Beginning from the 30th of March 2015, GlobalSign will no longer offer 4 and 5 year certificates and will limit free months from renewal and trade-in to comply with this new industry requirement

Certificates containing a validity period of more than 39 months may continue to be used after April 1st, 2015 without new limitations; however, if you reissue a certificate with more than 39 months remaining it will be truncated to 39 months.  If this happens, customers can reissue the certificate again at a later time, preferably with fewer than 39 months remaining, to automatically recover the lost validity.

This is also an excellent time to convert all of your SHA-1 SSL certificates to SHA-256 in order to avoid new browser warnings. Reissuing is quick, easy and free.

If you have any questions or concerns about the validity period of your certificates, please don't hesitate to contact the GlobalSign Support team.

Share this Post

Subscribe to our Blog