No more 3 Year SSL Contract

To implement higher security the validity of SSL certificates has been reduced to 2 years. This was decided by the Certificate Authority/Browser Forum (CAB Forum), a regulatory body made up of CAs and Browser.

Validity Shortened for Greater Website Security

Having decided by the CA/Browser Forum Ballot 193 in the year 2017 to reduce the validity from 3 years to 2 years for all OV, DV and EV certificates, which is effective from 1st March 2018, as was done in 2015 , when it was reduced from four years to 3 years. This cannot be inferred to be a nefarious move by the CA ‘s to sell more SSL certificates, but to increase website security.

Chrome browser owned by Google, the most popular browsers have been in favor of shortening the validity period, to ensure higher level of website security. Recently Google has given a deadline of July 2018, after which HTTP websites will be shown as “not secure”. Also recently, SHA1 is replaced by SHA 2 which is the latest signature algorithm, accepted by all the browser, to ensure regular re-validation with updated information.

In case you are holding a 3 year OV or DV certificate, it will be valid for the full term. But no new certificate will be issued from 1st March 2018.

A three-year validity certificate also has a problem of re-issue, this has to be done when one has to add a domain name, to remove domain name from the certificate, any change in company information or a duplicate issuance of original certificate.

In the world of encryption technology, evolving every day, to keep up with the high levels of security. It is necessary to maintain a shorter period of validity.