27 Months Maximum Certificate Validity
Starting March 1, 2018, all SSL certificates will have a maximum validity period of 27 months. This new requirement was set by the Certificate Authority and Browser (CA/B) Forum which develops and establishes requirements for Certificate Authorities that issue publicly trusted certificates.
Certificates issued after March 1, 2018 will have a validity period no longer than 27 months. Due to this decision by the CA/B, Namecheap introducing the following changes starting February 26, 2018:
- If you purchase a 3-year SSL before Feb. 26, 2018, and activate it before the end of the month, the certificate will be issued for the full duration and there will be no change to your current agreement.
- If you purchase a 3-year SSL certificate before Feb. 26, 2018, but fail to activate it before the end of the month, you will need to contact Support to have that certificate refunded and to purchase a 2-year cert instead.
- If you reissue a 3-year SSL certificate after March 1, 2018, the reissued certificate will be restricted to a maximum validity of no more than 27 months. However, you will be able to reissue it again before this 27-month validity period expires in order to get the additional months remaining on your SSL.
- If you start a reissue for a certificate that was purchased with a validity period of longer than 27 months, its validity time will be adjusted to 27 months during reissue. However, the extra time left from the initial purchase can be obtained with future reissues of the same certificate. For example, a 3-year certificate purchased on February 25, 2018, is valid until February 25, 2021. Then, in April 2018, it is reissued and the certificate duration time gets shortened to 27 months with a new expiration date of July 2020. If the certificate is reissued again before the new expiration date, then the months removed in the first reissue will be added back to the certificate (on the condition that duration of the newly provided certificate is not longer than 27 months).
- If the certificate is not renewed before the expiration date, however, the remaining time will be lost without any refund.
Considering technical changes in the Certificate Authorities' workflow, it will also not be possible to purchase additional SAN names for Multi-Domain certificates with a 3-year duration.
You can read the full text of CA/B Forum Baseline Requirements here.