SSLmentor

Quality TLS/SSL certificates for websites and internet projects.

Client Login
47 days!

47 days!

Shortening the certificate lifespan

The CA/Browser Forum* approved proposal SC-081v3 in April 2025. This vote introduces a phased schedule for shortening the validity period of TLS/SSL certificates and the reuse period of validation data. This change aims to enhance security and promote certificate management automation.

*The CA/Browser Forum is a voluntary association of certification authorities, browser vendors, and operating system developers that defines rules in the field of internet security related to HTTPS communication and certificate issuance.

Key Changes and Dates

Starting March 2026, the maximum validity of newly issued SSL certificates will be reduced from the current 398 days to 200 days. This reduction will continue gradually until reaching a maximum validity of 47 days.

  • SSL certificates issued until March 15, 2026 → validity max. 398 days
  • SSL certificates issued from March 15, 2026 → validity max. 200 days
  • SSL certificates issued from March 15, 2027 → validity max. 100 days
  • SSL certificates issued from March 15, 2029 → validity max. 47 days

Important information! SSL certificates issued before 15. 3. 2026 with a 1-year validity will remain functional and trusted even after this date. For multi-year orders, you can perform a REISSUE (certificate renewal) before this date, which will be issued with a validity of 398 days or until the end of the prepaid period.

Validity Shortening Since 2012

Until 2012, there were no restrictions on SSL/TLS certificate validity. Then, the CA/B Forum was established, publishing new rules for certification authorities and certificates. In 2012, the validity was shortened to 10 years, in 2015 to 3 years and 3 months. In 2017, it was decided that certificates would be valid for a maximum of 825 days, and in 2020 the limit was reduced to 398 days.

Reasons to shorten SSL certificate validity periods

There are several reasons why the CA/B Forum decided to shorten validity. These include increased security, support for automation, faster response to changes and threats, a better revocation model, and last but not least, the advent of quantum computers and the threat of key decryption.

SSL Certificate Management Automation

All certification authorities offer (or are preparing) automated processes for deploying and renewing SSL certificates. We will soon offer automation to our customers as well, and will gradually include it in our services and help documentation.

Where next?

Back to Help
Found an error or don't understand something? Write us!

CA Sectigo
CA RapidSSL
CA Thawte
CA GeoTrust
CA DigiCert
CA Certum