On the 10th of June a CA/Browser Forum representative informed through Twitter that as of September 1 2020 Google Chrome will start limiting SSL/TLS certificates validity period to 398 days, or a bit over 1 year.
So what exactly does this change mean for a website owner or administrator? Since the maximum certificate validity will be cut in about half, the chance to miss extension date will simply become twice as big.
We can also expect somewhat increased effort around certificate management. The amount of work stays the same actually, it just has to be done more often. On the bright side of things, it does improve security through making important pieces of information rotate more frequently.
As a side note, it may be a good time to (re)evaluate certificate management automation.
Stay tuned for more details as we expect the official meeting minutes to be published soon.