Effective March 2026, the digital security industry (led by the CA/Browser Forum) has implemented a new standard for SSL/TLS certificates. To enhance global security, the maximum lifespan for any publicly trusted certificate is being reduced in a phased approach.
What is changing?
While you can still purchase a 1-year subscription for your SSL certificate, the certificate file installed on your server will have a shorter expiration date than your subscription.
To keep your site secure, you will need to reissue and reinstall your certificate at specific intervals during your paid subscription term.
The Industry Roadmap
The industry is moving toward shorter certificate lifespans to reduce the window of opportunity for cyber threats. The following deadlines have been established for all Certificate Authorities:
|
Effective Date |
Max Certificate Validity |
|---|---|
|
Current |
398 Days |
|
March 15, 2026 |
200 Days |
|
March 15, 2027 |
100 Days |
|
March 15, 2029 |
47 Days |
Frequently Asked Questions (FAQ):
Why does my certificate expire before my order ends?
Industry rules limit certificate lifetimes for security reasons. Longer orders (like a 1-year subscription) are fulfilled through multiple certificate reissues. Think of your purchase as a "license" for the year, while the certificate file is a "token" that must be refreshed halfway through.
Example: A 365-Day Order
-
Initial Certificate: Valid for the first 200 days.
-
Mid-Term Reissue: The remaining 165 days of your order can be used to reissue a new certificate before the first one expires, ensuring continuous coverage.
What impact will this change have on the client-side installation process?
The certificate installation process remains exactly the same—you will still be provided with a primary server certificate and an intermediate certificate, which you upload to your server. However, because the lifetime of the certificate is shortening (first to 200 days, then 100, then 47), you will need to reissue and reinstall your certificate more frequently to prevent it from expiring during your subscription term.
Do I need to reissue my existing certificates once the lifespan shortens?
No, you don’t need to reissue your existing certificates issued before March 15th, 2026. You can continue to use them until they expire.
What happens if I purchase my order before March 15th, but the certificate is issued after?
Certificate validity is based on the issuance date, not the purchase date. If your certificate is issued on or after March 15, 2026, it will be capped at the new industry limit regardless of your subscription length.
If you require any support for your SSL Certificate, please contact our Support Team via Live Chat, create a Support Ticket or call our friendly team on +1.760.444.8674.