20250110 - Decrease in the lifespan of GlobalSign Code Signing certificates
GlobalSign announced a few days ago its decision to limit the lifespan of its code signing certificates.
Why?
The authority has chosen to anticipate a directive from the CA/B Forum aimed at reducing the lifespan of code signing certificates and which should be voted on during the year 2025.
The latter provides for the limitation of the validity period to 460 days and would be effective on June 15, 2025.
The reasons for this limitation:
- Enhanced security: Shorter validity periods allow for faster certificate updates and revocations, minimizing potential risks to your software and users.
- Simplified compliance: Shorter periods ensure your certificates reflect the latest security standards, helping your software stay compliant with industry best practices.
Note that nothing has been put to a vote yet and only GlobalSign has chosen to implement these new rules at this time.
What is the schedule?
As of February 28, 2025, GlobalSign will stop issuing 2- and 3-year code signing certificates. The maximum duration will be limited to 460 days, or 1 year and 3 months.
What are the impacts for 2 and 3 year certificates issued before this date?
None. These will continue to function normally until their expiration date.
Reissuances
A certificate valid for 2 or 3 years may be reissued while retaining its expiration date until May 30, 2025.
Certificates that are reissued after this date will have to respect the new period of validity, which could result in a more or less significant loss of days.
What are your options?
If you wish to obtain a GlobalSign code signing certificate valid for 2 or 3 years, we advise you to submit your requests before January 31, 2025 in view of the authority's significant delivery times for these products.
Any certificate request not completed by February 28 will be cancelled and new requests for certificates valid for 1 year will have to be re-submitted.