SSL certificates soon only valid for 1 year

A while ago, Safari (Apple’s browser) put a bomb under the validity of SSL certificates. From September 1st 2020, Safari will no longer accept SSL certificates with a validity of more than 1 year, issued after September 1st 2020.

SSL certificates are an integral part of the security of your website. Such a certificate ensures that visitors to your website can securely exchange data with your web server. Certainly on websites where a password is requested or on web shops where payments are made, it is crucial to have such a certificate: after all, this ensures that all this sensitive information is protected.

Currently SSL certificates can be issued for a period of 2 years. Therefore, certificates issued after September 1st 2020 for a period of more than 1 year will no longer be accepted by Safari. Websites with such a certificate will be shown as unsafe in Safari.

It may therefore be worthwhile to check at the end of August which of your certificates will expire in the coming weeks and then renew them for another 2 years. After all, these websites will also be shown as safe in Safari as their certificate was issued before September 1st 2020. From September 2020 onwards you will have to reinstall your certificates every year, if you want your website to be shown as safe in Safari. Moreover, the chances are very high that other browsers will follow the example of Safari.

It is not the first time that the validity of SSL certificates has been reduced. In March 2015, the maximum validity period changed from 5 years to 3 years. In March 2018, it was limited to 2 years. From September 2020 onwards, Safari will limit this to 1 year.