Starting 1 September 2020, Certificate Authorities (CA) will no longer be issuing SSL/TLS certificates with validity periods longer than one-year. Apple Safari, Google Chrome, Mozilla Firefox will distrust and show errors for new SSL/TLS certificates that have a lifespan greater than 398 days.

Any SSL/TLS certificates issued prior to 1 September 2020 are not affected by this change. They will remain valid for the entire two-year period and will not need to be replaced or reissued.

This only applies to public SSL/TLS certificates. Private-root and other types of certificates (e.g. Code Signing Certificates, S/MIME certificates, etc.) will be unaffected and will have the same maximum validity that they have today.


  • Published In: News
  • Created Date: 2020-07-23
  • Hits: 245
  • Comment: 0