Aller au contenu
xreveillon.eu

Shortened duration for SSL Certificates

Shortened maximum duration for SSL certificates

Updated on July 9, 20252 min read

Shortening of SSL Certificate Duration

Starting March 15, 2025, and gradually until March 15, 2029, the maximum duration of SSL certificates will be reduced to 47 days. This decision aims to strengthen the security of online communications and encourage more proactive certificate management.

SSL Certificate Validity Periods Over Time:

DateMaximum validity period
09/01/2020398 days
03/15/2026200 days
03/15/2027100 days
03/15/202947 days

Sources:

What does this mean?

Business model

Even today, the business model (for paid SSL certificates) is based on the “sale” of certificates valid for 1 year, with a price per certificate. This system will have to change and move to a pricing model per domain name.

Certificate management

AUTOMATION! With such a short duration, it becomes mandatory to implement automation for SSL certificate renewal. The best-known protocol for this is ACME, developed by the IETF’s ACME Working Group.

Are my “internal” certificates affected?

No, self-signed certificates or those issued by an internal certificate authority are not affected by this new regulation; browsers will continue to trust these long-duration certificates. However, it is recommended to follow best security practices and renew these certificates regularly.

Comments