Now I had a due diligence with one of my clients and they asked a very interesting question. Ordinarily, we have 2-year SSL certificates for our services. The question was why we chose 2 years and not 1 year. To be honest, I didn’t have a valid response, which made me think: is there an acceptable SSL certificate shelf life?
What difference does it make between 1 & 2 years? Is there a standard PKI recommendation on picking either?
2-year certificates are usually cheaper than 1-year ones, of course.
Plus, with 2-year certificates (or longer) you don’t have to go through the whole renewal process:
A) Renewing a certificate is considered issuing a new one, since your organization still has to be verified with every renewal. Save yourself the hassle of doing it every year with certificates of 2 or more years.
B) Removing the expired certificate, installing the new certificate, etc. on your servers after 1 year.