Sectigo Subscription SSL

Why Subscription SSL?

The maximum validity of SSL certificates has been limited in recent years from 5 to 3 to 2 years, and now down to 1 year from  September 1, 2020. There is a chance that the validity period will be further limited. The proponents (the web browsers and some CAs including Sectigo) strongly encourage this because of the security benefits. Although all CAs recognize this, there is a need from the market for a longer validity to limit management and administration burdens. Subscription SSL responds to this by saving time and money as organisations spend less time on certificate management and benefit from a lower yearly price.

How does Subscription SSL work?

You can purchase Sectigo Subscription SSL for 2, 3, 4 or 5 years. This gives you a discount on the price per year. The subscription is available with all Sectigo SSL certificates. The subscription does not affect the technical lifespan, and according to current guidelines, a certificate must be technically renewed every 13 months.

What is the price of Subscription SSL?

The price for a 2-year Subscription SSL is equal to the price for a 2-year certificate. For rates for 3-, 4- and 5-year Subscriptions, please contact your account manager as soon as they are available.

How can you use Subscription SSL via Xolphin as a reseller?

There are currently two conditions at Xolphin:

  • Subscription SSL can be requested for 2 years;
  • Subscription SSL can be requested via the Xolphin REST API. Not an API user yet? You can integrate the API free of charge.

New certificate requests

If you use the Xolphin REST API, as of August 18, you will receive an SSL certificate in the form of the new Subscription SSL as soon as you apply for a 2-year certificate. You don’t have to make any changes yourself. Coming Soon: The offer will be extended in the short term with the option for 3-, 4- and 5-year subscriptions, and the option for ordering Subscription SSL via the Control Panel.

Renew technical validity 

As described earlier, a technical annual renewal is required despite the purchased subscription. We do not send reminder emails for this: we will send you a ‘ReadyForReissue’ webhook call after which you can reissue the SSL certificate. You may have to implement the "ReadyForReissue" webhook call for this.

For the renewal, a new CSR must be submitted and revalidation is required. You will then receive the reissued certificate for installation.

Depending on the certificates’ validation level, the technical renewal requires:

  • a CSR;
  • domain validation (DCV);
  • with OV certificates, new company validation every 27 months;
  • with EV certificates, new company validation and phone validation every 13 months.

What is the cancellation period for Subscription SSL?

As with regular SSL certificates, Subscription SSL has a cancellation period of 30 days. This only applies to the start of the subscription, and not annually with every technical renewal of the certificate subscription.

What are the payment terms for Subscription SSL?

You pay once when purchasing a subscription for the entire period of that subscription (1-5 years). This limits the number of payment moments, and enables us to apply the multi-year discount.

What are the costs for adding extra domains to a multi-domain certificate?

Subscription SSL is also available with multi-domain certificates, which can be extended with additional domains through a reissue during the term of the subscription. Just like with a regular SSL certificate, you only pay for the extra added domains, and the costs are calculated over the remaining term of the subscription.

Why do you set August 18 as the deadline instead of September 1?

The general deadline for the transition to 1-year certificates is September 1, 2020. A minimal delivery time applies to certificates with company validation (OV and EV), so suppliers opt for a safe margin of two weeks. Xolphin conforms to this.

SSLCheck

Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up