CAB Forum cuts SSL certificate validation term to two years

What does this mean for you?

In 2017 the CA/Browser (CAB) Forum voted to reduce the maximum lifespan of Domain Validation (DV) and Organization Validation (OV) certificates to 825 days, or 27 months. Why did the CAB Forum decide to cut the SSL certificate validation term to little more than two years?

By reducing the certificate lifespan, the CA/Browser Forum is expediting the deprecation of less secure security algorithms like SHA-1.

SSL Certificate Validation Term CalendarEffective March 1, all Certificates Authorities (CAs) are no longer issuing three-year Domain Validation (DV) and Organization Validation (OV) certificates. These include single domain, multiple domains (SAN/UCC) and wildcard certificate types under these plans. The Extended Validation (EV) SSL certificates are already using the two-year SSL certificate validation term limit.

To comply with the new regulation, all certificates issued by GoDaddy as of March 1 will have a maximum lifespan of 825 days.

You can find more details about the SSL certificate validation term changes at the CA/Browser Forum’s Ballot 193 – 825-day Certificate Lifetimes.

What happens if I purchased a three-year certificate before March 1, 2018?

If you have a three-year certificate issued before March 1, it will retain the three-year validity. There is no change to your plan. However, when your three-year SSL is due for renewal, it will automatically become a two-year SSL certificate, and you’ll be charged the two-year plan price.

Image by: Jon Moore on Unsplash

Lily Liang
Lily Liang is Director of Product Marketing for Security products at GoDaddy. She is on a mission to bring simple, affordable, yet powerful security solutions to anyone who owns a website. Lily enjoys trail running and being outdoors. In her spare time, she joins Reading Partners to help kids K-5 to become lifelong readers.