Views:12
Time:2026-03-21 18:13:59 Author: NiceNIC 
Dear Valued Customers,
In line with the latest industry standards and to ensure your website's security, we would like to inform you about important changes regarding SSL/TLS certificate validity periods.
These changes, mandated by the CA/Browser Forum, will be implemented by major Certificate Authorities (CAs) such as DigiCert, Sectigo, and GlobalSign. These updates are designed to enhance security across the internet.
1. Phased Reduction in SSL/TLS Certificate Validity Period
Starting from March 15, 2026, there will be a phased reduction in the maximum validity period for publicly trusted SSL/TLS certificates, as follows:
Effective Date Maximum Certificate Validity
Until March 14, 2026 Maximum 398 days
March 15, 2026 – March 14, 2027 Maximum 200 days
March 15, 2027 – March 14, 2029 Maximum 100 days
From March 15, 2029 Maximum 47 days
Since March 15, 2026, newly issued certificates are now limited to a maximum of 200 days. If you purchase an SSL certificate after March 15, 2026, it will be valid for only 200 days. If you purchased a 365-day certificate before March 15, 2026, it will still be valid for its full term. However, if you buy a 365-day certificate after March 15, 2026, it will expire after 199 days, and you will need to re-issue it after that.
2. Impact on Major CAs
DigiCert
Effective February 24, 2026, DigiCert reduced the maximum validity of public TLS/SSL certificates to 199 days. All new certificates will be limited to 199 days starting from that date.
Sectigo / GlobalSign
Sectigo, GlobalSign, and other CAs will implement similar validity period reductions, generally around 200 days, starting from March 15, 2026.
3. Why Are SSL/TLS Validity Periods Changing?
These changes are being implemented by the CA/Browser Forum, which governs industry security standards, to:
Reduce the window for abuse in case of private key compromises.
Encourage automation in certificate management.
Accelerate adoption of stronger encryption algorithms and security policies.
This shift ensures a faster, more responsive approach to evolving web security standards.
4. Changes to Code Signing Certificates
In addition to SSL/TLS certificates, Code Signing Certificates are also being affected:
Starting March 1, 2026, the validity for code signing certificates will be reduced to 459 days (from the current 39 months).
5. Recommendations for Customers
To ensure a smooth transition and continued security:
Plan your certificate renewal processes ahead of time: With the shorter validity periods, we recommend enabling automatic certificate renewal.
Adopt ACME (Automated Certificate Management Environment) for hassle-free renewals.
Review your certificate management system to ensure it can accommodate the new validity rules.
If you have any questions or need assistance updating your certificates, feel free to reach out to our support team. We're here to help ensure compliance and keep your security systems up-to-date.
Warm regards,
NiceNIC Team
ICANN Accredited Registrar since 2012
Domains | Reseller API | Business Email | SSL Certificates | Servers
In line with the latest industry standards and to ensure your website's security, we would like to inform you about important changes regarding SSL/TLS certificate validity periods.
These changes, mandated by the CA/Browser Forum, will be implemented by major Certificate Authorities (CAs) such as DigiCert, Sectigo, and GlobalSign. These updates are designed to enhance security across the internet.
1. Phased Reduction in SSL/TLS Certificate Validity Period
Starting from March 15, 2026, there will be a phased reduction in the maximum validity period for publicly trusted SSL/TLS certificates, as follows:
Effective Date Maximum Certificate Validity
Until March 14, 2026 Maximum 398 days
March 15, 2026 – March 14, 2027 Maximum 200 days
March 15, 2027 – March 14, 2029 Maximum 100 days
From March 15, 2029 Maximum 47 days
Since March 15, 2026, newly issued certificates are now limited to a maximum of 200 days. If you purchase an SSL certificate after March 15, 2026, it will be valid for only 200 days. If you purchased a 365-day certificate before March 15, 2026, it will still be valid for its full term. However, if you buy a 365-day certificate after March 15, 2026, it will expire after 199 days, and you will need to re-issue it after that.
2. Impact on Major CAs
DigiCert
Effective February 24, 2026, DigiCert reduced the maximum validity of public TLS/SSL certificates to 199 days. All new certificates will be limited to 199 days starting from that date.
Sectigo / GlobalSign
Sectigo, GlobalSign, and other CAs will implement similar validity period reductions, generally around 200 days, starting from March 15, 2026.
3. Why Are SSL/TLS Validity Periods Changing?
These changes are being implemented by the CA/Browser Forum, which governs industry security standards, to:
Reduce the window for abuse in case of private key compromises.
Encourage automation in certificate management.
Accelerate adoption of stronger encryption algorithms and security policies.
This shift ensures a faster, more responsive approach to evolving web security standards.
4. Changes to Code Signing Certificates
In addition to SSL/TLS certificates, Code Signing Certificates are also being affected:
Starting March 1, 2026, the validity for code signing certificates will be reduced to 459 days (from the current 39 months).
5. Recommendations for Customers
To ensure a smooth transition and continued security:
Plan your certificate renewal processes ahead of time: With the shorter validity periods, we recommend enabling automatic certificate renewal.
Adopt ACME (Automated Certificate Management Environment) for hassle-free renewals.
Review your certificate management system to ensure it can accommodate the new validity rules.
If you have any questions or need assistance updating your certificates, feel free to reach out to our support team. We're here to help ensure compliance and keep your security systems up-to-date.
Warm regards,
NiceNIC Team
ICANN Accredited Registrar since 2012
Domains | Reseller API | Business Email | SSL Certificates | Servers
OTHER NEWS:
