Maximum SSL certificate lifetime reduced from March 2026
The CA/Browser Forum has adopted a change to the maximum lifetime of publicly trusted SSL/TLS certificates. From March 15, 2026, the maximum lifetime of an SSL/TLS certificate will be 199 days. This change applies to all public Certificate Authorities worldwide and therefore to all certificates ordered through us.
What is changing for SSL certificates?
Until now, SSL/TLS certificates could be issued with a lifetime of up to 398 days. From March 15, 2026, the maximum validity of an SSL certificate will be reduced to 199 days. This means SSL certificates will need to be renewed more frequently. A further adjustment to SSL certificate lifetimes is planned at a later date.
Certificate Authority transition schedule
The individual Certificate Authorities are implementing the change at slightly different dates:
| Certificate Authority | Effective from |
|---|---|
| DigiCert | Feb 24, 2026 |
| Sectigo | Mar 12, 2026 |
| Certum | Mar 13, 2026 |
| GlobalSign | Mar 14, 2026 |
From the respective date, new SSL certificates from the corresponding authority will only be issued with a maximum lifetime of 199 days.
What does this mean for your existing SSL certificates?
SSL certificates that have already been issued will remain valid until their regular expiration date. The new lifetime rules apply exclusively to SSL/TLS certificates issued after the respective transition date.
Domain validation: Shorter reuse period
In addition to SSL certificate lifetimes, the DCV reuse period (Domain Control Validation) is also being adjusted. From March 15, 2026, an existing domain validation can only be reused for a maximum of 200 days. Previously, this period was 398 days. A renewed domain validation may therefore be required when your SSL certificate is reissued.
1-year SSL certificates still available
You can still order SSL certificates with a one-year term. To make full use of the entire paid lifetime, the SSL certificate will be reissued free of charge before the 199-day period expires. This way you can use the full term of your SSL certificate at no additional cost.
Our recommendation
Review your current SSL certificate inventory to identify which certificates are affected and when the next renewal is due. We are continuously working to make SSL certificate management as easy as possible for you.
If you have any questions, please do not hesitate to contact us!
