This is a notice for all Blacknight customers who may have purchased a 2-year SSL Certificate through Blacknight – from August 19, 2020, these will no longer be available for purchase from us, and if you have one, it will be downgraded to a 1-year SSL upon renewal.
SSLs, or secure socket layers (now generally deprecated and called Transport Layer Security – TLS), are the plumbing that makes websites and eCommerce secure on the internet. It’s when your URL says https:// instead of http:// and has the little lock in the address bar. At the most fundamental level, an SSL/TLS is a form of encryption that ensures your connection, and the connection you’re making elsewhere on the web is secure. It’s what makes eCommerce and conducting personal business online secure. It’s a unique piece of code inserted onto your server, that’s signed off by a security firm like Sectigo that says the connection is valid and secure. This piece of code is the actual ‘certificate’ and that’s what is changing here. They used to be available for several years at a time. But the major internet companies have decided that anything longer than 1 year is fundamentally insecure.
Why is this happening?
Because Google and Apple say so. Due to a new industry-wide requirement that has been spearheaded by Apple and Google, any two-year SSL/TLS certificate issued after August 30th, 2020, will be distrusted in their browsers. That means when someone goes to your website, they’ll get the dreaded ‘this website is not secure message’ before being able to load it. Your website may still be secure with the SSL, but the two major browsers – Apple’s Safari and Google’s Chrome – will say that it’s not. You do not want that.
What happens if you have a two-year SSL? Will your website become untrusted?
No, it will not. Any certificate issued before August 30th will be recognized as secure and valid. No new two-year certificates after that will be considered secure and valid (so don’t let anyone sell you one). If you currently have a two-year certificate with Blacknight – then you’ll be fine until it’s up for renewal. When it’s renewed, you will be automatically renewed with a 1-year certificate going forward (at 1-year pricing). Blacknight SSL/TLS certificates signed by Sectigo will no longer be offered from August, 10th 2020.
We understand the logic around this decision, even though it’s an inconvenience for everyone involved. There’s more opportunity for ‘zombie’ certificates to be hijacked in a two-year period. It’s possible that eventually, certificates may even be less than a year. The idea is that the more recent the certificate is, the more secure it is. There was once a day when you could buy an SSL Certificate for ten years!
Those days are long gone. It’s probably a good thing. Managing SSL/TLS certificates are a critical part of keeping your websites, emails and intranets secure and now, if you don’t even have one – the major browsers will warn users away from your website. So, always, always, get an SSL when setting up a website. Blacknight can, of course, help out with this. We offer SSL certificates through Sectigo.
SSLs with Blacknight are signed by Sectigo and start at €29.99 per year excluding VAT for one domain. If you have multiple websites, we can facilitate that as well.
If you have any questions at all about your current SSL, please don’t hesitate to contact Blacknight Support.