If you run a website, sign software, or send business emails in the UK, you already rely on digital certificates to keep your data safe. SSL certificates protect your customers’ information. Code signing certificates verify your software. S/MIME certificates authenticate your emails.
Right now, all of that encryption works. The maths behind it is solid. But there is a credible, growing threat that could change that picture within the next decade, and the UK’s own cyber security agency has just told every business to start preparing.
This post explains what quantum computing means for your digital certificates, what the National Cyber Security Centre (NCSC) is actually asking businesses to do, and why the steps you take now are much simpler than you might think.
What Is the Quantum Threat, Exactly?
Today’s encryption, the kind that secures your SSL certificate, your code signing, and your encrypted emails, relies on mathematical problems that are practically impossible for a conventional computer to solve. Factoring a very large number into its prime factors, for example, would take a classical computer millions of years. That difficulty is the foundation of your security.
Quantum computers work differently. Rather than processing information in binary bits (0 or 1), they use quantum bits that can exist in multiple states simultaneously. This allows them to tackle certain mathematical problems, including the ones underpinning most current encryption, dramatically faster than any conventional machine.
A quantum computer powerful enough to break today’s RSA or elliptic curve cryptography does not yet exist. However, governments, universities, and major technology companies are investing billions to build one. The NCSC and most security experts believe such a machine could realistically arrive somewhere between 2030 and 2035.
That might sound comfortably distant. But there is a catch, and it is one that affects your data right now.
The “Harvest Now, Decrypt Later” Problem
State-sponsored cyber actors are already intercepting and storing encrypted data today, even though they cannot yet read it. The strategy is straightforward: collect everything now, then decrypt it once a sufficiently powerful quantum computer exists.
For data that only needs to be secret for a few months, this is not an immediate concern. But consider what many UK businesses hold: long-term contracts, intellectual property, financial records, patient data, employee information, legal communications. If any of that data needs to remain confidential for more than five to ten years, it is potentially already at risk.
This is why the NCSC’s position is not “wait until quantum computers arrive.” It is “start preparing now, because waiting until arrival is too late.”
The NCSC’s Three-Phase Roadmap
The NCSC has published clear guidance on migrating to post-quantum cryptography (PQC), laying out a phased approach that runs through to 2035. The three phases are:
Phase 1: Now to 2028 – Discover and Plan
Identify every cryptographic service your organisation uses. Where are certificates deployed? Which applications use hard-coded encryption keys? Which systems hold data that needs to remain confidential for a decade or more? The goal here is a complete picture of your cryptographic estate, not an immediate replacement of everything.
Phase 2: 2028 to 2031 – Execute High-Priority Upgrades
Begin migrating the most sensitive and exposed systems to quantum-resistant algorithms. This phase is where meaningful technical work happens, informed by the inventory built in Phase 1. Standards and vendor support will be significantly more mature by this point.
Phase 3: 2031 to 2035 – Complete the Migration
Finish the transition across all systems and services, including any legacy infrastructure that requires more time or significant investment to update.
For most UK small and medium-sized businesses, the NCSC is explicit: much of this migration will happen automatically through regular software updates, operating system patches, and browser upgrades from vendors who are already building PQC support into their products.
What This Means for Your SSL Certificates
SSL and TLS certificates are directly in scope for post-quantum migration. The good news is that the industry is already moving. Browser vendors including Google, Apple, and Mozilla have begun testing hybrid approaches that combine traditional key exchange with quantum-resistant algorithms. Certificate authorities are working on the standards needed for post-quantum certificates.
The NCSC notes that the Web PKI, the trusted infrastructure of certificate authorities and browser trust stores that your SSL certificate relies on, presents some specific coordination challenges for post-quantum migration. There is not yet a fully standardised way to incorporate post-quantum signatures into SSL certificates while maintaining compatibility with all existing systems. That standardisation work is underway, with final standards expected around 2027.
In practical terms, this means your SSL certificate supplier will, over the coming years, offer certificates that support quantum-resistant algorithms. For most websites, the transition will be handled by your certificate provider without any dramatic changes to how you buy or renew certificates. What matters now is choosing a supplier who is keeping pace with these changes.
The certificate validity changes already underway (SSL certificates are now capped at 200 days, with further reductions coming) are directly connected to this longer-term quantum story. Shorter certificate lifespans mean encryption keys are refreshed more regularly, which limits the window of exposure if keys are eventually compromised by quantum-capable adversaries.
What This Means for Code Signing Certificates
Software developers and publishers face particular exposure to the quantum threat. Code signed today with a three-year certificate, or even a one-year certificate, needs to remain trusted for as long as the software is in use. Legacy software is often still running a decade after its initial release.
The recently introduced 460-day maximum validity for code signing certificates is partly a response to this concern. More frequent renewal means more frequent key rotation, which reduces the long-term risk from any single compromised key.
For UK software companies, the practical step right now is to ensure code is properly timestamped at signing. A valid timestamp proves that the code was signed while the certificate was legitimate, and that proof remains valid even after the certificate expires or after post-quantum migration changes the underlying algorithms. Without timestamping, software signed today could lose its trusted status during future cryptographic transitions.
What This Means for S/MIME Email Certificates
Email communications present a particularly interesting challenge for post-quantum planning. Messages exchanged today may be stored by recipients, archived for compliance, or held on servers for years. Any email encrypted with current algorithms could theoretically be decrypted in the future if a quantum computer renders those algorithms obsolete.
For most businesses, this makes the combination of email encryption (protecting the content) and digital signing (verifying the sender) increasingly important, not just as a defence against today’s phishing threats, but as part of longer-term communications security.
S/MIME certificates provide both capabilities: they encrypt email content and they digitally sign messages to prove they came from the genuine sender. As post-quantum standards for email security develop, S/MIME certificates will be updated to incorporate quantum-resistant algorithms.
Practical Steps for UK Businesses Right Now
The NCSC is clear that this does not require panic or immediate wholesale replacement of your security infrastructure. But it does require that you begin treating cryptography as active infrastructure rather than a set-and-forget tool.
Here are the steps that make sense for most UK businesses in 2026:
Take stock of your certificates. Know which SSL certificates you hold, when they expire, what systems rely on them, and which data they protect. Certificate management tools can automate this inventory.
Move to automated renewal. With SSL certificate validity now at 200 days (and reducing further in coming years), manual renewal processes are becoming increasingly unworkable. Automation protects you against expiry-related outages and positions you for the shorter validity periods ahead.
Ensure your code signing includes timestamping. If you distribute software, every build you sign should carry a valid timestamp. This is the single most important protection against your signed software losing trust during future cryptographic transitions.
Choose suppliers who are tracking PQC developments. When you renew certificates, check that your provider is actively preparing for post-quantum standards. The transition to PQC certificates will happen via your certificate authority, so working with a supplier who understands the roadmap matters.
Identify any long-lived sensitive data. If your business holds information that needs to remain confidential for a decade or more, that data deserves priority attention in any future migration plan.
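The inventory and prioritisation steps above, sketched as an added Python example (not code from the NCSC or from this site): the 200-day and 460-day caps and the 2030 earliest-arrival year come from this post, while the record layout, names and 30-day renewal window are assumptions.

```python
from datetime import date

# Figures taken from the article: validity caps and the earliest arrival year.
VALIDITY_CAP_DAYS = {"tls": 200, "code_signing": 460}
QUANTUM_EARLIEST_YEAR = 2030
QUANTUM_VULNERABLE = {"RSA", "EC"}   # key families the article names
RENEW_WINDOW_DAYS = 30               # assumption: desired renewal lead time

# Constructed sample inventory; names and field layout are hypothetical.
INVENTORY = [
    {"name": "www.example.co.uk", "use": "tls", "key": "RSA",
     "not_before": date(2025, 3, 1), "not_after": date(2026, 4, 3),
     "data_secret_years": 1, "timestamped": None},
    {"name": "legal-archive-smime", "use": "smime", "key": "RSA",
     "not_before": date(2025, 9, 1), "not_after": date(2026, 9, 1),
     "data_secret_years": 10, "timestamped": None},
    {"name": "installer-signing", "use": "code_signing", "key": "EC",
     "not_before": date(2025, 6, 1), "not_after": date(2026, 8, 1),
     "data_secret_years": 0, "timestamped": False},
]

def flags_for(rec, today):
    """Return the list of findings for one inventory record."""
    flags = []
    cap = VALIDITY_CAP_DAYS.get(rec["use"])  # the article gives no cap for other uses
    # Issued under an older, longer limit: the next renewal will be shorter.
    if cap is not None and (rec["not_after"] - rec["not_before"]).days > cap:
        flags.append("over-validity-cap")
    if (rec["not_after"] - today).days <= RENEW_WINDOW_DAYS:
        flags.append("renew-soon")
    if rec["key"] in QUANTUM_VULNERABLE:
        flags.append("quantum-vulnerable-key")
    # Data recorded today that must still be secret once a capable
    # machine may exist is the "harvest now, decrypt later" case.
    if today.year + rec["data_secret_years"] >= QUANTUM_EARLIEST_YEAR:
        flags.append("long-lived-data")
    if rec["use"] == "code_signing" and not rec["timestamped"]:
        flags.append("no-timestamp")
    return flags

def triage(inventory, today):
    """Findings per record, long-lived data first, then most flags."""
    rows = [(rec["name"], flags_for(rec, today)) for rec in inventory]
    return sorted(rows, key=lambda r: ("long-lived-data" not in r[1], -len(r[1])))

if __name__ == "__main__":
    for name, flags in triage(INVENTORY, date(2026, 3, 15)):
        print(f"{name}: {', '.join(flags) or 'ok'}")
```

In practice the records would be filled from the certificates themselves (validity dates and key type) plus a manually maintained estimate of how long the protected data must stay confidential.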
The Bigger Picture
The quantum threat to encryption is real, it is taken seriously by the UK government and GCHQ, and the timeline is short enough that preparation needs to begin now. But “preparation” does not mean replacing everything overnight.
For the vast majority of UK businesses, the journey to post-quantum security will be a gradual, largely managed transition, delivered through the normal process of renewing certificates, updating software, and working with suppliers who are already building this capability into their products.
The businesses that will struggle are those that treat their digital certificates as invisible infrastructure, renewed grudgingly and managed manually. The businesses that will adapt smoothly are those that start now: keeping their certificate inventory current, automating renewals, and working with providers who are actively engaged with the changes ahead.
At buyssl.co.uk, we supply SSL certs, code signing and S/MIME certificates from the leading certificate authorities, and we are tracking post-quantum developments closely. If you have questions about how the NCSC roadmap affects your certificate choices, get in touch.
Sources: NCSC “Timelines for migration to post-quantum cryptography” (2025); NCSC Post-Quantum Cryptography Pilot Scheme (2026); CA/Browser Forum Ballot SC-081v3.

