SSL Certificate Validity Will Be Limited to One Year

You may have read recently articles regarding Apple reducing the maximum allowed lifetime of TLS server certificates, Apple has released its official Knowledge Base article on this subject which can be found here.

What does this mean for users?

For your websites to be trusted by Safari, you will no longer be able to use publicly trusted TLS certificates with validity periods longer than 398 days after 30th August 2020. Any certificates issued before 1st September 2020 will still be valid, regardless of the validity period up to 825 days.

What are Jisc doing?

From the 1st of September Jisc will be removing the 2 year option from the certificate portal. Currently the Certificate Authority DigiCert + QuoVadis have indicated they will still continue to issue 2 year certificates, however this decision may need to be re-addressed if other browsers follow suit with Apple. Jisc have taken the decision to remove the 2 year option to ensure all certificates issued from the 1st September 2020 will be supported across all browser.

Will Jisc reduce cost of certificates?

Our pricing is highly competitive compared to the commercial market and we have never differentiated by price for different validity periods for high assurance certificates. Our costs for the service are not decreasing with our supplier for this change so we are unable to reduce our prices. Jisc’s goal is to keep the costs to a minimum and we are working hard on this for the future of the service in 2021 which we hope to announce soon.

You can of course continue request/renew any certificate between now and midnight of the 30th August 2020 to maximise the current 2 year validity period in all browsers.

If you have any further questions please do not hesitate to contact us at certificates@jisc.ac.uk