Apple has proposed a gradual reduction in the maximum validity period of public SSL/TLS certificates.
The current maximum is roughly one year (398 days), but by 2027 it could drop to just 45 days.
The reuse period for Domain Control Validation (DCV) could also decrease to 10 days.
These changes will significantly affect how companies manage their SSL/TLS certificates.
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates protect online communications.
When you visit a secure website, the certificate lets your browser authenticate the server and encrypt the data exchanged with it. This process safeguards sensitive information such as payment data, personal details, and login credentials. Certification Authorities (CAs) issue these public certificates, which browsers and operating systems recognize as trusted.
Before a CA issues a certificate, the applicant must prove control of the domain through Domain Control Validation (DCV). Once validated, the certificate confirms the authenticity of the website and enables encrypted connections.
At present, SSL/TLS certificates remain valid for about one year.
Most businesses renew them once annually, and DCV follows the same schedule.
Apple’s proposal would reduce that renewal cycle to every 45 days, while DCV would need to occur every 10 days.
Google supports shorter certificate lifespans as well and plans to move toward 90-day validity.
Both companies aim to strengthen security by keeping encryption keys fresh and reducing the chance of outdated or compromised certificates remaining active.
Shorter validity improves online security.
It minimizes the risk that a stolen certificate or private key can be used for a long time.
Frequent DCV also ensures that only legitimate domain owners maintain active certificates.
Renewing certificates every 45 days and validating domains every 10 days will be impossible to manage manually.
Companies need automation to keep certificates updated without disrupting operations.
Implementing Certificate Lifecycle Management (CLM) tools can simplify renewals, prevent downtime, and maintain compliance with browser requirements.
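The scheduling decision that such automation has to make, as an added example that is not code from Apple's proposal, Qboxmail or any CLM product: it applies the 45-day validity and 10-day DCV reuse limits described above to a certificate inventory. The host names, dates, action names and the two-thirds renewal threshold are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_VALIDITY = timedelta(days=45)   # proposed maximum certificate lifetime
DCV_REUSE = timedelta(days=10)      # proposed DCV reuse period
RENEW_FRACTION = 2 / 3              # assumption: renew after 2/3 of the lifetime

@dataclass
class CertRecord:
    host: str
    not_before: datetime
    not_after: datetime
    last_dcv: datetime              # when domain control was last validated

def plan(cert: CertRecord, now: datetime) -> list[str]:
    """Return the actions a renewal job should take for one certificate."""
    actions = []
    lifetime = cert.not_after - cert.not_before
    if now >= cert.not_after:
        actions.append("expired")
    # Assumption: anything issued for longer than the limit gets reissued.
    if lifetime > MAX_VALIDITY:
        actions.append("reissue-over-limit")
    if now >= cert.not_before + lifetime * RENEW_FRACTION:
        actions.append("renew")
    # Issuance can only reuse a validation younger than the reuse period,
    # so a stale DCV has to be redone before anything else.
    if actions and now - cert.last_dcv > DCV_REUSE:
        actions.insert(0, "revalidate-domain")
    return actions

def report(inventory: list[CertRecord], now: datetime) -> dict[str, list[str]]:
    return {c.host: plan(c, now) for c in inventory}

def d(y, m, day):
    return datetime(y, m, day, tzinfo=timezone.utc)

# Constructed sample inventory; none of these values come from a real system.
NOW = d(2027, 6, 1)
INVENTORY = [
    CertRecord("mail.example.com", d(2027, 5, 20), d(2027, 7, 4), d(2027, 5, 20)),
    CertRecord("imap.example.com", d(2027, 4, 25), d(2027, 6, 9), d(2027, 5, 28)),
    CertRecord("smtp.example.com", d(2027, 4, 25), d(2027, 6, 9), d(2027, 4, 25)),
    CertRecord("webmail.example.com", d(2027, 1, 1), d(2028, 2, 3), d(2027, 1, 1)),
]

if __name__ == "__main__":
    for host, actions in report(INVENTORY, NOW).items():
        print(f"{host}: {', '.join(actions) or 'ok'}")
```

With a 45-day lifetime the renewal point arrives 30 days after issuance, so any validation done at issuance is already past the 10-day reuse period by the time the certificate is renewed.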
Qboxmail already supports these best practices through its Private Label service.
This option allows clients to customize all email access points (POP, IMAP, SMTP, DAV, Webmail, and Control Panel) using their own domain names.
The system automatically manages SSL certificates for those domains, keeping them valid and renewed on time.
This automation ensures that every connection stays secure and compliant with evolving standards.
The proposed reduction in certificate duration highlights the growing need for automation in security management.
Companies that adopt automated systems early will handle the upcoming transition smoothly and maintain the highest level of protection for their users.