fbpx
Back to menu

Certificates

Certificates

Server Certificates
  • SSL/TLS Certificates

    SSL/TLS certificates encrypt information, verify identity, and strengthen consumer trust. We offer a range of certificates that cover every security need.

Software & App Certificates
  • Code Signing Certificates

    Code Signing removes the “Unknown Publisher” security warning and identifies the publisher of a piece of software or an application.

Email Certificates (S/MIME)
  • PersonalSign Certificates

    Secure your emails by applying a digital signature, encrypting your email content, or a combination of both.

Document Certificates
  • Document Signing Certificates

    Digital certificates that can be used to sign or seal digital documents like Adobe PDF files or Microsoft Office files.

Qualified Certificates
  • PSD2 Certificates

    As one of very few European providers, we offer QWAC and QSealC certificates that comply with eIDAS and PSD2.

Back to menu

Solutions

Our solutions

⚡ Discovery Tools
  • ⚡ SSL360®

    Our brand-new discovery tool SSL360™ provides total visibility and control of public-facing digital certificates across your organization: Inventory, track, monitor, and renew your certificates — all in one place!

Certificate Management

Our full range of certificate management solutions covers every need — from individual customers and startups needing one or two certificates and up to large companies looking for enterprise-grade solutions:

  • Customer Portal

    Advanced, on-demand certificate management.

  • Managed SSL

    Optimized for professional use, Managed SSL is designed around enterprise-specific security requirements.

  • Certificate Manager

    Certificate Manager fully automates the entire certificate management workflow.

  • Managed S/MIME

    For enterprise organizations looking to implement an enterprise-wide, secure email solution.

  • AppviewX Cert+

    The certificate and key lifecycle automation platform. Prevent outages and ensure constant network availability by gaining full visibility into and control over your PKI.

High-Volume Document Signing
  • Digital Signing Service

    Our cloud-based digital Signing-as-a-Service solution providing companies and organizations with an easy-to-deploy and cost-effective way to add digital signatures to their existing workflows.

eIDAS
  • eIDAS and PSD2 certificates

    As one of very few European providers, we offer QWAC and QSeal certificates that comply with eIDAS and PSD2.

SSL Certificate reseller

Want to expand your revenue stream and provide your customers with top-notch online security? Look no further than becoming a Trustzone SSL Certificate reseller partner.

Back to menu

Support

Our Support

Our Support and Service

Our first-class customer service and support is the core of our business. Read more about what we offer here.

Contact Support

Our friendly support team is ready to help you!

Knowledge Base 💡

Our collection of support content: How-to guides, Roots, Intermediates, and FAQs.

Certificate Tools

Our CSR/Certificate decoding tool with intermediate fetching

📈 Most Viewed:

How to enable TLS 1.2 on Windows Server 2008/2016

Read more
Back to menu

Insights

Insights

Articles

Occasionally, we share our take on the world of PKI and SSL/TLS encryption and authentification. Read our articles here.

Customer case stories

More than 3,000 companies have already trusted us with their certificates. Read about a couple of them here.

Events and live webinars

Sign up for one of our live webinars or product demos. We look forward to seeing you!

Back to menu

About

About

News

From time to time, new regulations and developments affect the PKI and SSL/TLS realm. Read our news updates about that here.

About Us

Our founders Jacob and Henrik started TRUSTZONE more than 15 years ago. Read more about our story here.

Our Partners

Our partnerships are an important part of our story and our business. Read more about our partners here.

Cookies & Privacy Policy
General Terms of Sale and Delivery
Support Service Level Agreement
Careers at TRUSTZONE
CSR
Contact Us
  1. Home
  2. Knowledge Base
  3. FAQs
  4. 1-Year (397 Days) Maximum SSL/TLS Validity

This FAQ answers some of the most common questions regarding the 1-year (397) days maximum SSL/TLS certificate validity change:

Overview


What’s changing?

Due to changes in Apple and Google Root Store Policies, as of September 1, 2020, newly issued SSL/TLS certificates with a validity period greater than 13 months (397 days) are prohibited by policy and will not be trusted.

Therefore, as of August 31, 2020, TRUSTZONE will stop issuing 2-year publicly trusted SSL/TLS certificates.


In summary, as of August 31, 2020:

  • TRUSTZONE will stop issuing 2-year publicly trusted SSL/TLS certificates

  • The maximum validity for all newly issued or reissued publicly trusted SSL/TLS orders will be 13 months (or 397 days).

  • The maximum validity of 13 months (or 397 days includes QWACs

  • 6-month certificate orders will be changed to have a maximum validity period of 7 months (or 214 days)

Note: We will continue to offer multi-year validity for Intranet SSL (privately trusted SSL/TLS).

When will this change go into effect?

August 31, 2020.


Existing 2 Year SSL/TLS Certificates

I have an existing SSL/TLS certificate with 2-year validity. Will it be trusted after September 1, 2020?

Yes, TLS certificates issued before September 1, 2020, with validity greater than 397 days will continue to be trusted until they expire.

What happens when I reissue an existing 2-year TLS/SSL certificate after this change goes into effect?

If you reissue a 2-year certificate after September 1, we will be required to limit the validity to 397 days. You can reissue the Certificate as needed in the future free of charge to reclaim the original validity time (see example below). This works the same way it did in 2018 when we went from 3-year maximum validity down to 2 years.


Let’s look at an example:

  • A 2-year SSL/TLS certificate is ordered and issued on August 1, 2020. It’s valid until August 1, 2022.
  • You reissue the certificate on September 15, 2020 (after the new maximum validity change has gone into effect). TRUSTZONE then has to truncate the reissued certificate for 397 days, changing the expiration date to October 17, 2021.
  • When the reissued Certificate is within 397 days of original expiration, you can reissue the certificate again to claim the remaining validity (the validity that was truncated).
  • You can reissue as many times as needed to regain the original expiration date (in this example August 1, 2022).

Please note that the EV reissue process is different due to the EV Guidelines (EVGL) requirements for reissuing certificates. While you can still reissue your certificates, they will be queued for manual review and we’ll need to verify that all validations are up to date before we can release it.

Impact on renewals and transfers

Can I still renew early or transfer a certificate from a competitor to receive a rollover/bonus time?

Effective August 31, 2020, when you order a 1-year SSL/TLS certificate, TRUSTZONE will automatically provide customers with the maximum validity of 397 days. Essentially, we are providing customers with a 1-year SSL/TLS certificate plus 30 days bonus automatically. This applies to new as well as renewal orders and provides maximum validity for our customers’ benefit.

When switching from a competitor to TRUSTZONE, the validity change means that we can no longer provide rollover time.

For early renewals: Given we can only provide a maximum of 397 days, we recommend that you renew your certificate within 30 days of expiration to avoid losing any rollover time. We will continue to allow customers to renew up to 90 days earlier; however, you will only receive a 397-day certificate. We will also adjust renewal email notifications to start at 30 days prior to expiration (instead of 90 days prior to expiration).

 

Was this article helpful?

Yes No