News
Security
Solutions

SSL Certificates: duration could be reduced to 45 days by 2027

Elena Moccia
24/10/2024

Apple has proposed a gradual reduction in the maximum duration of public SSL/TLS certificates. The current duration is one year (398 days). By 2027, it could be reduced to just 45 days. Additionally, the reuse period for Domain Control Validation (DCV) could drop to just 10 days. These changes will heavily impact how businesses manage SSL/TLS certificates. Let’s explore their significance.

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates secure internet communications. When you visit a secure website, the SSL/TLS certificate encrypts data between your browser and the server. This is vital for websites handling sensitive information like credit card details, personal data, or login credentials.
Certification Authorities (CAs) issue public SSL/TLS certificates, which browsers and operating systems trust.
This guarantees that the website is secure.
To issue an SSL/TLS certificate, you must prove domain control through Domain Control Validation (DCV).

Why are these changes happening?

Currently, public SSL/TLS certificates have a validity of about one year (398 days).
usinesses only need to renew them once a year. Domain validation also happens annually.
With Apple’s proposed reduction, businesses would need to renew certificates eight times a year. DCV would need to happen every 10 days.
Google also supports shorter durations and plans to reduce certificate lifespans to 90 days. Both companies aim to improve security and keep encryption up to date.

Reducing certificate duration boosts online security. Shorter certificates lower the risk of compromised or expired certificates staying active.
The shorter DCV period ensures only legitimate domain owners can maintain certificates.

Impact on businesses and key challenges

Businesses must adapt because managing renewals every 45 days and repeating domain validation every 10 days manually will not be feasible.
Automation is the solution.
Companies need to implement Certificate Lifecycle Management (CLM) tools to handle these processes.

Qboxmail offers a solution to help with the Private Label service allows clients to customize email services (POP, IMAP, SMTP, DAV, Webmail, and Control Panel) with their own domain. This ensures SSL certificates remain valid and up to date.

We use cookies to provide you a better browsing experience, by continuing you accept their use. For more information visit the Privacy policy page.

Accept