SSL certificate validity officially limited to one year

As we announced several weeks ago, the maximum lifespan of an SSL certificate will be reduced to 12 months starting September 1, 2020 following a decision made by the most popular internet browsers in order to shore up web security. To get out ahead of this new rule, Sectigo, our partner Certificate Authority (CA), decided to apply this new restriction starting Tuesday, August 18, 2020. As such, starting today at 16:00 UTC (9:00 AM Pacific), all certificates purchased via Gandi are valid for just one year. However, you will soon be able to take out a subscription for a period of 2 years, but each year the certificate owner will need to re-issue their certificate in our interface in order to ensure it remains valid for the entire two year period.

Our alternative: 2 year subscription

To limit the impact of this new rule, we’ve implemented a new subscription system that lets you buy a certificate for 2 years. By subscribing, you’ll get preferential pricing on the same model as previously. This solution doesn’t exclude, however, the necessity to re-issue the certificate before the end of the period of validity. If you choose to subscribe to the 2 year service, we’ll send you an email 30 days before the end date of your first year (the purchase date + 398 days) to invite you to re-issue your certificate. Re-issuing your certificate will be necessary in order for you to benefit from the protection of the certificate for the second year of your subscription. You will need to follow the verification procedure required for the certificate type you choose. If you use Gandi’s automatic certificates (via our Simple Hosting platform), re-issuing will be launched without any action required on your part. You’ll just need to complete the verification.

Certificates issued for 2 years before August 18, 2020

Certificates issued before September 1, 2020 for two years will not be impacted by this change and will still be considered secure by the different browsers. If you are a Gandi customer and have a 2 year certificate with us and you would like to regenerate it, please contact our Customer care team first.

What about the API and Gandi v4?

If you buy your certificates via Gandi’s legacy platform or via the API, the only option going forward will be to purchase one-year certificates. Feel free to contact our Customer care team if you have any questions. You can reach them at https://help.gandi.net/. Tagged in Securityssl