Shorter validity periods for SSL/TLS certificates

• From 20  August 2020, only SSL/TLS certificates with a one-year validity period will be available.
  
   
• This change means that SSL certificates will now need to be renewed at least once a year. Two-year certificates will no longer be available in the web shop.
  
   
• Two-year SSL certificates issued before 1  September 2020 will remain valid.
  
   
• Have you already purchased a two-year licence but not yet activated it?
   

  If you have not yet redeemed your two-year SwissSign licence, this licence is now valid for an extended period.
  
  This means that you can now use this licence twice, each time for one certificate with a one-year term.
  
  You do not have to do anything else except retain the licence.
   

• The validity of email certificates will not be affected, i.e. they remain unchanged.
   

Managed PKI customers who obtain their SSL certificates via the automated Certificate Management over CMS (CMC) interface must change the ‘validity’ value from ‘2y’ to ‘1y’.

Important

• The billing of certificates obtained via Managed PKI will not change (active certificates will be billed regardless of their validity period).
   
• Two-year SSL certificates issued before 1  September 2020 will remain valid.
   
• From 20  August 2020, only SSL/TLS certificates with a one-year validity period will be available.
   
• The validity of email certificates will not be affected, i.e. they remain unchanged.

Please feel free to contact SwissSign Support should you have any further questions.

As a web shop customer, you re-order the certificate that is set to expire. You re-complete and sign the application at swisssign.net and send us the required documents (e.g. copy of identification document/passport).

Tips and tricks for web shop customers
 

• Silver certificates are issued within a matter of seconds without a written request.
• Since recently, it has no longer been necessary to enclose a commercial register excerpt for Gold certificates.
• Don't submit your request by post, but rather signed electronically with the SuisseID.
• In the case of very urgent extensions, send your requests to us by e-mail and subsequently submit your request physically by post within ten days.
• Make sure to provide the correct signature: In the case of Gold-level requests, either authorised agents or individuals entered in the relevant register must sign for the organisation.
• Should dual signing authorities apply, two signatures are also required for the organisation.
• Enclose a copy of an identification document for all signatories.
• For security reasons, we require – if you have entered a CSR – new key pairs. Please note this upon entering your CSR. This also serves to ensure that pace is kept with the ever longer key lengths as per the latest cryptological standards. Furthermore, many server platforms require new CSRs upon exchanging a certificate.
• Make life easier and use our authorisations:
  • Have your organisation's representatives authorise you in the customer agreement. This only has to be done once and afterwards you will be authorised to sign all requests for your organisation. Please refer to this authorisation in the respective request or enclose a copy.

As a Managed PKI customer, you can re-order your certificate in a convenient manner via your Managed PKI web interface or your Managed PKI application can even take care of this for you automatically.

Our support team is happy to help you if you have any further questions.