Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


20170406 - Ballot 193 from CA/B forum

Early March the CA/B forum voted and validated the ballot 193 that planned a reduction of the maximum authorized lifetime for Domain validated and Organization Validated certificates (Extended Validation have already a lifetime of 2 years tops).

It will be reduced to 27 months (it is currently 39 months maximum).

What is the dealine?

The date to remember is March 1st, 2018. From this date it won't be possible to issue certificates valid more than 27 months (825 days to be precise).

What consequences?

This Baseline Requirements amendment will have several impacts on newly issued certificates but also on already valid ones:

  • As of March 1st, 2018 it won't be allowed to issue certificates valid more than 27 months

  • The reissuance of a certificate that had been issued more than 27 months before won't be allowed

  • The reissuance of a certificate that is scheduled to expire more than 27 months later will automatically induce a truncation of the certificate.

Which are the products impacted?

Every server SSL certificates are going to be affected by the standard evolution. The client certificates are not, and (for the moment) the code signing certificates has not been mentionned.

The Certification Authorities

Each CA is likely to set up its own schedule. If so, they will be displayed below.

GlobalSign

First CA to communicate, GlobalSign has already a calendar and will remove early 3 years valid certificates from its range in order to prevent truncations in the future.

That's the reason why 3 years valid GlobalSign certificates will disappear as of Avril 20, 2017.

NOTE: GlobalSign also announces disruptions during the oncoming couple of months for reissuance requests.

Certigna

Certigna certificate cannot be reissued more than 3 months after their delivery so they won't be affected much by this new measure. We will keep sales 3 years valid SSL certificates until the end of 2017.

The other CAs

In order to prevent reissuance issue in 2018, all SSL server certificates will be remove from our catalog not later than the 1st of May 2017.

Useful links