Limitation validity term SMIME certificates

27 October 2021

After previous limitations in the validity term of SSL certificates, the validity term of e-mail or S/MIME certificates is now also limited to two years. S/MIME certificates are used for email signing and encryption, as well as for client authentication and signing Office documents.

What exactly will change?

Apple has announced a change in the term of S/MIME certificates in its Root Certificate Program: As of April 1, 2022, the maximum allowed term for S/MIME certificates is limited to 825 days, and certificates longer than 2 years are no longer allowed. A shorter duration has been discussed for a long time because of security, for example, Apple took the initiative in 2020 in limiting the duration of SSL certificates to 13 months.

What does this mean for you?

All e-mail certificates that you request after April 1, 2022 have a maximum validity of 2 years, certificates with a longer term that are issued before this date will remain valid during their validity term. A shorter validity period means that you will have to renew a certificate more often. Nowadays this is no longer possible directly via the browser. Alternatively, you can use the Xolphin Certificate Tool for this.