Latest news with #SecureSocketsLayer
Associated Press
21-04-2025
- Business
- Associated Press
47 Day SSL Certificate Lifespans Sparks 'Next Y2K' Concerns; CABForum Vote Accelerates Change
The maximum lifespan for SSL certificates is being rapidly reduced, a change formalized by a CABForum vote on April 11, 2025. Starting with a drop to 200 days in March 2026 and eventually reaching just 47 days by March 2029, this aims to improve security through more frequent validation. However, the accelerated pace raises concerns about potential widespread website outages due to the increased renewal burden, drawing comparisons to the Y2K bug. The cybersecurity landscape is bracing for a significant and accelerated shift as the maximum lifespan for Secure Sockets Layer & Transport Layer Security (SSL/TLS) certificates undergoes a substantial reduction. This change, driven by the need for enhanced online security through more frequent validation, gained significant momentum following a vote by the CA/Browser Forum (CABForum) on April 11, 2025. The CABForum, the industry consortium that governs the issuance of SSL certificates, overwhelmingly approved Ballot SC-081, setting in motion a timeline for dramatically shorter certificate validity periods. This development has some experts concerned about potential widespread website outages and operational disruptions, drawing parallels to the Y2K millennium bug. Currently, the maximum validity period for a Transport Layer Security (TLS) certificate stands at 398 days. However, the CABForum vote has solidified a phased reduction schedule: This progressive shortening of certificate lifespans aims to limit the window of opportunity for the misuse of compromised certificates and encourages the adoption of more automated certificate management practices. However, the increased frequency of required renewals, mandated by the CABForum's decision, presents considerable logistical challenges for website owners and system administrators. Concerns are mounting that many organizations, particularly those with complex infrastructures or less automated systems, may struggle to manage the escalating renewal burden. The comparison to the Y2K bug arises from the potential for widespread, unforeseen consequences stemming from a seemingly technical adjustment. Just as the transition to the year 2000 exposed vulnerabilities in systems reliant on two-digit year formats, the rapid increase in certificate renewals, now formalized by the CABForum vote, could expose weaknesses in organizations' IT management processes. The fear is that a failure to adapt swiftly could lead to a significant increase in expired certificates, rendering websites inaccessible and eroding user trust. Fortunately, solutions are emerging to help organizations automate SSL certificate management and mitigate the risks associated with frequent renewals. Products like the Sectigo ACME SSL Certificate and the Verokey ACME Automation Certificate from SSLTrust offer cost-effective ways to streamline the renewal process, reducing the burden on IT staff and minimizing the potential for errors. These solutions leverage the Automated Certificate Management Environment (ACME) protocol to automate certificate issuance and renewal, ensuring continuous website security and availability in the face of the CABForum's new regulations. The recent CABForum vote underscores the urgency for all website operators to proactively embrace automation and adapt their certificate management strategies to ensure continued online security and accessibility and to potentially avoid a 'next Y2K' scenario. About SSL Certificates: SSL certificates are digital certificates that authenticate a website's identity and enable an encrypted connection. They are essential for securing online transactions, protecting user data, and building trust on the internet. Media Contact Company Name: Keyko Pty Ltd Contact Person: Paul Baka Email: Send Email Country: Australia Website: Press Release Distributed by To view the original version on ABNewswire visit: 47 Day SSL Certificate Lifespans Sparks 'Next Y2K' Concerns; CABForum Vote Accelerates Change
Zawya
25-03-2025
- Business
- Zawya
Maximize website encryption with GoDaddy's 90-day automated SSL certificates
Dubai, UAE -- GoDaddy has announced the launch of 90-day reissuance, fully installed and managed Secure Sockets Layer (SSL) certificates with five encryption refreshes annually, making GoDaddy the first certificate authority to offer this time-saving solution. SSL certificates are essential for anyone with a website, especially small businesses, entrepreneurs and larger businesses. They protect sensitive customer data and maintain trust in online transactions. SSLs authenticate the identity of a website and encrypt information sent to the server. 'As a global leader in website security, with over 100 million active SSL certificates, the introduction of automated 90-day SSL certificates ahead of any industry requirements is another way that GoDaddy is anticipating the needs of its customers and leading the way,' said Selina Bieber, Vice President of International Markets at GoDaddy. 'By automating SSL management, we're making security easy for everyone, ensuring our customers stay ahead of potential risks with minimal effort," added Bieber. Currently, many SSLs purchased from certificate authorities require manual re-installation over the lifecycle of a one-year certificate. This process can be time-consuming, require external support, and fall to the bottom of busy entrepreneurs' to-do lists. Now, with a GoDaddy fully Managed SSL, a do-it-for-you service, customers no longer need to worry about these cumbersome steps. GoDaddy handles every aspect of SSL lifecycle management, from installation to issuance and renewal—delivering effortless website encryption and protection. GoDaddy's 90-day SSL certificates automatically renew and reinstall every three months, eliminating the manual steps typically required by other SSL solutions. This fully automated process not only reduces the burden for website owners but ensures continuous protection without disruption. While 90-day certificates are not yet an industry requirement, GoDaddy recognizes the positive impact that SSLs with encryption that is refreshed five times per year will have on its customers' business growth and privacy concerns. This also takes into account the role automation can play in ensuring the heavy lifting of re-installing the certificate more frequently is in the hands of the certificate provider. GoDaddy's managed SSL certificate automates the entire process, meaning customers don't have to manually select, install, or manage their 90-day SSL certificates, while getting the benefit of five encryption refreshes, annually. To learn more about GoDaddy's SSL certificate support across all Website Builder, Managed WordPress, and multi-site Web Hosting plans, click here. To read more on GoDaddy's 90-day certificates, click here. About GoDaddy GoDaddy helps millions of entrepreneurs globally start and scale their businesses. People come to GoDaddy to name their idea, build a website and logo, sell their products and services, and accept payments. GoDaddy Airo®, the company's AI-powered experience, makes growing a small business faster and easier by helping them to get their idea online in minutes, drive traffic and boost sales. GoDaddy's expert guides are available 24/7 to provide assistance. To learn more about the company, visit
