SSL / TLS Certificat industry is moving to mandated shorter For All Brand SSL/TLS certificate lifespans. SSL will begin enforcing these changes on March 12, 2026 (ahead of the CA/B Forum requirement starting March 15, 2026). This will increase how often certificates must be reissued during a purchased term and it will change how long Domain Control Validation (DCV) can be reused.

WHAT’S CHANGING

  • Existing certificates issued on or before March 12, 2026 remain valid until expiration (unless revoked).
  • TLS / SSL certificate validity is shortening to approximately a 6-month (199 days) maximum per issued certificate.
  • Applies to all publicly trusted SSL/TLS certificates newly issued (including renewals and reissuances) after March 12, 2026.

WHY IT MATTERS

  • More frequent reissuance: You will need to obtain/install new certificates more often to stay protected and avoid outages.
  • Validation timing: with more frequent reissuance, customers will encounter DCV ‘SSL DV’ Domain Control Validation (Validation de Contrôle de Domaine), requirements more often—so they should plan ahead to avoid delays.
  • Set expectations for term behavior: You can still buy 1–5 year TLS subscriptions, but each issued certificate is valid for up to 6 months (199 days).
  • This means 1-year products will now require reissuance during the year, similar to multi-year terms, so you can obtain additional certificates for the remaining time in your purchased term.