Frequently Asked Questions about Multi-year Certificates
Why is my certificate only valid for one year?
The software companies behind the most popular web browsers decided to stop supporting 2-year certificates at the beginning of September 2020. This means that 2-year certificates are now rejected by browsers, and thus websites with these types of SSL certificates are considered as not having an SSL certificate at all. For this reason, 2-year SSL certificates are no longer a viable option.
What about my current 2-year SSL certificate? Is it still valid?
2-year SSL Certificates purchased before September 1, 2020 remain valid and will continue to be accepted by browsers for the full 2 years of their original validity. Browsers will only reject and invalidate SSL certificates of more than one year that have been generated after this date.
If the certificate is only valid for one year, then how is it possible to purchase a multi-year certificate?
When you buy a multi-year certificate, you're essentially buying it at a bulk discount. You can pay for several years at once and thereby qualify for a discounted price. But you'll still need to revalidate the certificate every year.
What is the maximum duration of an SSL purchase?
To start with, we're only offering 2-year subscriptions. We hope to extend this period in the future.
How do I renew my certificate when it's due?
The procedure for renewing your certificate depends on the type of certificate you have purchased. Generally speaking, you'll need to follow the same steps as when you created your certificate.
If you have an automatic SSL Certificate on a Web Hosting instance with no identity validation required, we'll renew the certificate automatically for you.
If you have a certificate on a Web Hosting instance that requires identity verification, such as a Pro or Business Certificate, you'll simply need to complete the identity verification process as you did when creating the SSL. If you have generated your own CSR, for example for a site hosted elsewhere than at Gandi, then you will need to generate and use a new CSR every year. You can check what is required by going to the details of the certificate in question in your account.
Why do I have to validate my identity every year if I've done it before?
The purpose of identity verification is to prove that your company is still in operation and that your contact details are still accurate. Although this validation process involves some work on your part, checking that your information and company are still up to date and operational is an important part of the SSL Certificate principle. Requiring more frequent checks not only protects your company from identity theft by fraudsters, but also protects your customers.
Before this change, you were still required to go through this verification process every time you renewed your SSL Certificate. The only difference is that this procedure must now be carried out every year, instead of every two years.
Can I cancel my subscription?
As with all Gandi SSL Certificates, you have a 30-day "Money Back Guarantee", starting from the date of purchase. If you wish to cancel the purchase of a Multi-Year SSL Certificate, for any reason whatsoever, this will ONLY be possible WITHIN 30 DAYS OF PURCHASE, and only by contacting Gandi's Support team: support-en@support.gandi.net