- Published on
3 Pros and Cons of the 90-day SSL Certificate
- Authors
- Name
- Alex Lee
- @alexjoelee
The 90-day SSL Certificate
90-day SSL certificates, which are also known as short-term validity SSL certificates, have several advantages:
Enhanced Security: Shorter validity periods mean that the certificate is renewed more frequently, reducing the risk of certificate compromise. If an SSL certificate is compromised, a shorter lifespan minimizes the potential impact since the certificate will be invalid in less than 90 days.
Faster Issuance: 90-day certificates are often issued more quickly than longer-term certificates that require further validation. This rapid issuance can be particularly beneficial for organizations that need to deploy SSL certificates quickly or for environments with frequent changes.
Encourages Regular Renewal: The shorter validity period encourages regular review and renewal of certificates. This can help ensure that the certificates are always up-to-date and that the associated encryption standards and configurations are current with the latest security practices.
While 90-day SSL certificates have their advantages, there are also some downsides to consider:
Increased Administrative Overhead: Frequent renewals of SSL certificates can increase administrative workload. Organizations need to manage and track multiple renewal dates, which can lead to more frequent updates and potential disruptions if not handled properly. ACME can make this easier but even the best have issues - you can read our SSL renewal issue post-mortem from early September 2024 here.
Potential for Expired Certificates: If renewal processes are not managed carefully, there is a higher risk of certificates expiring unnoticed. This can lead to service interruptions, security warnings for users, and loss of trust if the website or service becomes inaccessible due to an expired certificate.
Short-Term Validity Costs: Although 90-day certificates are often less expensive per certificate compared to longer-term ones, the need for frequent renewals can add up in terms of administrative and operational costs. For large-scale deployments, managing numerous short-term certificates can become cumbersome and costly.
In summary, while 90-day SSL certificates can offer improved security and rapid issuance, they also come with challenges related to management and potential service interruptions if not handled properly.
Google Proposing Maximum Validity 90-day SSL Certificates
With Google proposing 90 days as the maximum validity period for all SSL certificates, businesses need to be ready to adapt to this new reality by implementing short-term validity certificates. Most CDN providers manage SSL certificates for you, including us here at Skip2 Networks.