DigiCert to End-of-Life 3-Year SSL/TLS Certificates
9 February, 2018 - To prepare for the upcoming industry-wide deprecation of 3-year certificates, DigiCert will stop accepting new 3-year public SSL/TLS certificate orders (requests) on February 20, 2018.
The industry change limits the maximum allowed length of a public SSL/TLS certificate to 825 days (approximately 27 months).
After February 20, 2018, DigiCert will only offer 1 and 2-year versions of the following certificates :
- Standard SSL
- Multi-Domain SSL
- Wildcard SSL
What happens to my existing 3-year SSL certificates?
All existing 3-year SSL certificates retain their maximum 36- to 39-month certificate validity. They will be valid until they expire.
What happens when I need to reissue a 3-year SSL certificate?
After February 28, 2018, all reissued certificates (including duplicates) can only have a maximum validity of 825 days (approximately 27 months).
- For 3-year SSL certificates with 825 days or less remaining until they expire, the reissue process works as you'd expect – the reissued certificate retains its maximum validity and has the same expiration date as the "original" certificate.
- For 3-year SSL/TLS certificate with more than 825 days remaining until they expire, the reissue process will require an additional reissue step.
When you reissue a certificate with more than 825 days remaining until it expires, the reissued certificate will have a maximum validity of 825 days and will expire before the "original" certificate.
To get the expiration date of a reissued certificates back in sync with the "original" certificate, reissue the out-of-sync certificate at least one time during the "original" certificate's final 825-day period. Then, the reissued certificate's expiration date will be the same as the original certificate's expiration date.
For questions or concerns about 3-year SSL/TLS certificate reissues, please contact Unox Solutions support team. We will work with you to address any certificate validity issues and pricing discrepancies.