- November 10, 2023: Moved more certificate best practices from assessment.
- July 15, 2019: Published.
Review the following industry-standard practices for TLS/SSL Certificates:
- The maximum duration of the validity of publicly trusted TLS/SSL certificates is 825 days. This applies to certificates valid starting March 1, 2018 or later. Learn more…
- Today’s date must fall within the valid dates for the certificate. If a certificate is expired or if it goes into effect in the future, any data sent to or from the host may be insecure.
- Apple, Google, and Mozilla no longer trust certificates that were issued on or after September 1, 2020 and have a validity duration greater than 398 days. Certificates issued on or after September 1, 2020 that have a validity period of more than 398 days are graded as WARN.
- The certificate must be issued by a trusted certificate authority. Certificate authorities must be in at least two of the following stores to be considered as trusted: Microsoft, MacOS, Google Android, Mozilla NSS.
Certificate Support & Secureness
- Mozilla Firefox community members found that in 2017, “Symantec had entrusted several organizations with the ability to issue certificates without the appropriate or necessary oversight, and had been aware of security deficiencies at these organizations for some time.” These certificates were not issued in compliance with industry requirements.
- In late Q1/early Q2 2018, both Mozilla Firefox and Google Chrome do not support Symantec-issued TLS/SSL certificates assigned before June 1, 2016. Users on mobile and desktop devices should not connect with those browsers, to any websites, or services that use these distrusted certificates. See the Chrome release schedule concerning Symantec certificates.
- The key must be generated using a secure algorithm, such as RSA, DSA or elliptic curve.
- Keys must be the recommended length or longer. For RSA and DSA keys, a length of 2048 bits is recommended; for elliptic curve keys (EC), a length of 224 bits is recommended.
- The certificate must be signed using a secure algorithm. MD2, MD5 and SHA1 are considered insecure.
- Providing a self-signed or untrustworthy certificate for connecting clients, such as not specifying a Server Name Indication (SNI), is a practice that denotes poor security and should be avoided. See recommendations.