fbpx
Back to menu

Certificates

Certificates

Server Certificates
  • SSL/TLS Certificates

    SSL/TLS certificates encrypt information, verify identity, and strengthen consumer trust. We offer a range of certificates that cover every security need.

Software & App Certificates
  • Code Signing Certificates

    Code Signing removes the “Unknown Publisher” security warning and identifies the publisher of a piece of software or an application.

Email Certificates (S/MIME)
  • PersonalSign Certificates

    Secure your emails by applying a digital signature, encrypting your email content, or a combination of both.

Document Certificates
  • Document Signing Certificates

    Digital certificates that can be used to sign or seal digital documents like Adobe PDF files or Microsoft Office files.

Qualified Certificates
  • PSD2 Certificates

    As one of very few European providers, we offer QWAC and QSealC certificates that comply with eIDAS and PSD2.

Back to menu

Solutions

Our solutions

⚡ Discovery Tools
  • ⚡ SSL360®

    Our brand-new discovery tool SSL360™ provides total visibility and control of public-facing digital certificates across your organization: Inventory, track, monitor, and renew your certificates — all in one place!

Certificate Management

Our full range of certificate management solutions covers every need — from individual customers and startups needing one or two certificates and up to large companies looking for enterprise-grade solutions:

  • Customer Portal

    Advanced, on-demand certificate management.

  • Managed SSL

    Optimized for professional use, Managed SSL is designed around enterprise-specific security requirements.

  • Certificate Manager

    Certificate Manager fully automates the entire certificate management workflow.

  • Managed S/MIME

    For enterprise organizations looking to implement an enterprise-wide, secure email solution.

  • AppviewX Cert+

    The certificate and key lifecycle automation platform. Prevent outages and ensure constant network availability by gaining full visibility into and control over your PKI.

High-Volume Document Signing
  • Digital Signing Service

    Our cloud-based digital Signing-as-a-Service solution providing companies and organizations with an easy-to-deploy and cost-effective way to add digital signatures to their existing workflows.

eIDAS
  • eIDAS and PSD2 certificates

    As one of very few European providers, we offer QWAC and QSeal certificates that comply with eIDAS and PSD2.

SSL Certificate reseller

Want to expand your revenue stream and provide your customers with top-notch online security? Look no further than becoming a Trustzone SSL Certificate reseller partner.

Back to menu

Support

Our Support

Our Support and Service

Our first-class customer service and support is the core of our business. Read more about what we offer here.

Contact Support

Our friendly support team is ready to help you!

Knowledge Base 💡

Our collection of support content: How-to guides, Roots, Intermediates, and FAQs.

Certificate Tools

Our CSR/Certificate decoding tool with intermediate fetching

📈 Most Viewed:

How to enable TLS 1.2 on Windows Server 2008/2016

Read more
Back to menu

Insights

Insights

Articles

Occasionally, we share our take on the world of PKI and SSL/TLS encryption and authentification. Read our articles here.

Customer case stories

More than 3,000 companies have already trusted us with their certificates. Read about a couple of them here.

Events and live webinars

Sign up for one of our live webinars or product demos. We look forward to seeing you!

Back to menu

About

About

News

From time to time, new regulations and developments affect the PKI and SSL/TLS realm. Read our news updates about that here.

About Us

Our founders Jacob and Henrik started TRUSTZONE more than 15 years ago. Read more about our story here.

Our Partners

Our partnerships are an important part of our story and our business. Read more about our partners here.

Cookies & Privacy Policy
General Terms of Sale and Delivery
Support Service Level Agreement
Careers at TRUSTZONE
CSR
Contact Us

398 > 90 Days

Certifying your documents

March 8, 2023

5 min read

SSL validity decreasing to 90 days – are you ready for quadrupling your workload with SSL certificates?

In a move aimed at improving internet security, Google recently announced its intention to decrease the validity of public SSL/TLS certificates to just 90 days. This change is expected to have a significant impact on all users of the internet as SSL certificates are a fundamental part of online security used by 95% of all known websites globally.

The decision to reduce the maximum validity period for SSL/TLS certificates from 398 days to just 90 days was announced in March 2023 by Google. This change is intended to improve the security of online communication by reducing the potential impact of compromised or stolen certificates.

While the change potentially could improve security, it will for sure create additional work for website owners and administrators who will need to keep track of more frequent certificate renewals; an increase of 400% in workload to be precise. Overall, this change will have a significant impact on close to all organizations.

The reason for this change, as explained by Google, is to promote automation, optimize processes, mitigate CRL-issues, and promote the agility required to transition the ecosystem to quantum-resistant algorithms quickly. Essentially, this means that websites and online services will need to renew their SSL certificates every 90 days, quadrupling the workload required to maintain secure online communications.

What shorter SSL/TLS validity means for website owners

This announcement follows a similar move made by Apple in 2020, which announced that it intended to reject new SSL/TLS certificates issued on or after September 1, 2020, that have a validity of more than 398 days. Shortly after, both Google and Mozilla followed suit to enforce similar 398-day limits.

Despite overwhelming support from major browser makers, a proposal to reduce certificate lifetimes to one year was shot down in a CA/B Forum ballot in September 2019. However, Google has now taken the initiative to enforce a stricter limit, which most likely will prompt other major browsers such as Apple, Microsoft, Mozilla, and Opera to follow suit and announce similar validity decreases in the coming months.

This change is expected to have a huge and significant impact on all those involved in Certificate Lifecycle Management, particularly those who are invested in SSL/TLS certificate operations secure their business critical digital assets. Website owners, administrators, application owners, and many more will need to ensure that they keep track of more frequent certificate renewals to avoid disruptions in service and potential security breaches.

In addition to the serious workload implications, this change may also create compatibility issues for older devices or systems that are not capable of handling the shorter certificate lifetimes. This could have a significant impact on businesses and individuals who rely on older technology to access the internet.

The decision to reduce the validity of SSL/TLS certificates to just 90 days is a significant change that will have a major impact on the digital certificates industry.

The reason for shorter SSL/TLS certificate lifespans

Despite the potential challenges posed by this change, it is ultimately intended to improve the security of online communications and ensure that websites and online services are as secure as possible. By reducing the maximum validity period for SSL/TLS certificates, Google hopes to minimize the impact of compromised or stolen certificates and promote the adoption of more secure encryption algorithms.

Website owners and administrators who rely on SSL/TLS certificates to secure their online communications should begin preparing for the upcoming changes by ensuring that they have systems in place to manage the more frequent certificate renewals. Additionally, they should ensure that their websites and online services are compatible with the new, shorter certificate lifetimes to avoid any potential disruptions in service.

In conclusion, the decision to reduce the validity of SSL/TLS certificates to just 90 days is a significant change that will have a major impact on digital certificates industry. While this change will create a huge additional workload for organizations, it is ultimately intended to improve the security of online communications and ensure that websites and online services are as secure as possible. By adopting more secure encryption algorithms and minimizing the impact of compromised or stolen certificates, Google hopes to promote a safer and more secure internet for all users by using the stick instead of the carrot.

This article is based on this link.

If you have any questions about how these changes may uniquely affect your organization or website, please don’t hesitate to contact us – just fill out the contact form below: