methodology / Security & Infrastructure / #5
SSL certificate validity & expiration window
#5 · Required · Web Standards · security · Security & Infrastructure · weight 2% · impl implemented · method v1.2.0
Web Standards item — Security
This factor is part of Web Standards — the table-stakes binary layer of the score. It is graded pass/fail and gates the Web Quality score; it is not weighted into Web Quality itself.
- Pass criteria
- Tolerant — passes on pass or warn.
- Web Standards label
- Valid TLS certificate
- Why it's required
- Every modern browser will block or warn on an invalid certificate. An expired or self-signed cert breaks the site for ordinary visitors.
What this means for your business
The little padlock next to your address bar comes from a certificate that has to be renewed on a schedule. If it lapses, every browser slams a full-screen red warning in front of your customers and they bounce.
Plain title: Your padlock isn't about to expire
What we measure
Your SSL certificate proves to visitors that they're connecting securely. Expired or missing certificates trigger 'Not Secure' warnings.
How to improve your score
Use Let's Encrypt (free, auto-renewing) or your hosting provider's managed SSL. Configure auto-renewal so it never expires.
Facts
Scoring
Scoring formulas are versioned with the methodology. The current method (v1.2.0) maps raw measurements to pass, warn, fail. Factor weights determine how much each contributes to the composite — see the methodology index for the full table.
Cited by these standards
Standards in the Standards Library whose satisfiedBy requirement tree references this factor. Each link goes to the standard's full entry — methodology, scope, and the other factors it relies on.
Version history
| Version | Change | Date |
|---|---|---|
| v1.2.0 | Factor introduced. Status: live. Scoring impl: implemented. | 2026-04-25 |