News
Knowledgebase
FAQ: Maximum Certificate Terms of 27 months

FAQ: Maximum Certificate Terms of 27 months

Q:        Why will Comodo stop issuing 3 year certificates?

A:         This is an industry-wide directive which affects all certificate authorities. In accordance with the CA/Browser Forum Baseline Requirements, effective March 1st 2018, Certificate Authorities (CAs) will no longer be able to issue SSL Certificates with a validity period longer than 27 months.

Q:        When will the 2-year maximum term limitation take effect?   

A:         March 1st 2018

 

Q:        Is Comodo the only certificate authority to stop issuing 3 year certificates?

A:         No, the requirement applies to every CA. If a certificate is issued after March 1st 2018 with a validity period of greater than 27 months, then the issuing CA will be in breach of the requirements.

 

Q:        Can I renew a 3 year certificate and get another one for the same duration?

A:         Yes, you can renew or replace an existing 3 year certificate after March 1st 2018, but to make up the full duration, we will issue one certificate for 27 months then a second certificate valid for the remaining time. So, for example, if you renew/replace a certificate with 3 year duration, we will issue a 2 year cert followed by a 1 year cert when the first one expires.

 

Q:        What if I already paid for a 3-year term?  Does that purchase get honored?

A:         Yes. If you purchased the certificate before March 1st 2018, then nothing will change. Your 3 year cert will remain valid for its full lifetime. If you decide to replace this certificate after March 1st 2018, or it comes up for renewal, then the new laws come into play.

In summary:

  • If you purchased a 3 year certificate before March 1st 2018, then nothing will change. The certificate will remain valid throughout its full lifetime. 
  • If you renew/replace an existing 3 year certificate AFTER April 1st, then we will initially issue a 2 year certificate. When this nears expiry we will issue another certificate valid for the remaining time. You can claim this 2nd certificate by logging into your account and clicking the ‘Replace’ link when the 2 year cert is close to expiry.
  • All new certificate purchases after March 1st 2018 will be for a maximum of 27 months.

 

Q:        Does the 2-year maximum term limitation apply to all certificate types (single domain, wildcard, Extended Validation and UCC/MDC)?

A:         Yes, it applies to all website certificate types. EV certificates have a maximum duration of 2 years anyway, so they are already compliant.

 

Q:        Does the limit apply to code signing certificates?

A:         No, the limit does not apply to code signing or EV code signing certificates, which will retain a 3 year maximum validity period.

 

Q:        How will I get the remaining time if renew/replace a 3 cert after March 1st 2018?

A:         When your initial, 27 month, certificate is nearing expiry, log into your account, locate your order and click the ‘Replace’ link. You will be issued with a certificate valid for the remaining time.

For official notification and additional information, please visit TLS/SSL Maximum Validity Period Policy Change and Additional FAQ

(3 vote(s))
Helpful
Not helpful

Comments (0)
Help Desk Software by Kayako
© 2018 Comodo Security Solutions, Inc. All rights reserved.