Deprecation of client authentication EKU from SSL/TLS certificates

From 07 OCTOBER 2025 deprecation of the client authentication EKU will take place from all SSL/TLS certificates. This is in response to the browser forum requirements to remove support.

RapidSSL and QuickSSL Premium certificates will still be issued with the client authenticaiton EKU in place until 15 MAY 2026.

If you use your certificate for mTLS server-to-server or client-to-server authenticaiton then you will be impacted. After the 15 MAY 2026 you should consider transitioning to a private CA. Contact our sales team about options available.