Apple will stop trusting 2-year SSLs – here’s what it means for you

In February 2020, Apple announced that they would be limiting the allowed lifetime of SSL certificates in their Safari browser from September 1st 2020. The new allowed validity period will be 398 days, which basically amounts to a one-year certificate. 

Why the sudden change? Well, there are a number of security benefits to giving shorter lifespans to SSL certificates. It means that SSLs will be issued more frequently, which in turn means that Certificate Authorities will perform checks on website owners more frequently. SSL key rotation will also be more frequent. All this adds up to a more secure, trustworthy SSL certificate. 

In June of this year, Google announced they would be following suit for its Chrome browser, and in early July, Mozilla announced that it would be doing the same. It is expected that all major web browsers will soon join them. 

This means that soon there will be an industry-wide change to the lifespan of SSL certificates issued from September 1st onwards. 

What this means for customers

Here at, we are going to do everything we can to make these changes as smooth as possible for our customers, keeping everyone informed along the way. The key takeaway is this:

In mid-August, we will start to limit the lifespan of SSLs we issue to one year. 

We will inform our customers before this change is implemented to ensure that everyone is aware of what’s going on.

Those who purchase or activate SSLs for two or more years after we shorten the validity period to one year, will need to reactivate their certificate every year. We’ll notify you when your SSL needs to be reactivated, so you don’t need to worry about your SSL suddenly expiring. 

What if I already have an SSL for 2 years? 

Thankfully, it shouldn’t impact you much. All SSLs issued for two years prior to September 1st will be valid until their current expiration. 

However, if you already have a two-year SSL and want to have it reissued after August 18th, the SSL issued will have a 398-day maximum validity period. If you have more than 398 days remaining on your certificate, then you will need to reactivate your SSL before the first 398 days are up to use the remaining period. If at the time of reissue your SSL has less than 398 active days left, then the SSL will just be reissued for the number of days you have left in your validity period.

Wrap Up

Change can be a pain, but we will ensure that this change is as seamless as possible. We will keep you informed every step of the way, and will notify our customers when it’s time for certificate reactivation or renewal, well in advance.

Share on Twitter, Facebook, Google+