Important Changes to SSL Certificate Lifetimes – What OSD Customers Need to Know – March 2026
Big changes are coming to SSL certificate lifetimes, and as your digital partner, OSD wants to ensure you understand what’s happening, why it matters, and how we will support you through the transition.
The organisation responsible for setting global SSL standards, the CA/Browser Forum, has announced a phased reduction in the maximum validity period for SSL/TLS certificates. This industry-wide decision will affect every Certificate Authority and every organisation that relies on SSL certificates to secure websites, applications, APIs, and internal systems.
While the changes are significant, they are being introduced gradually between 2026 and 2029, giving businesses time to adapt.
Why Are SSL Lifetimes Changing?
The move toward shorter certificate lifetimes is driven by security.
Historically, SSL certificates could be issued for multiple years. In recent years, that maximum was reduced to 398 days (just over one year). Now, the industry is moving toward dramatically shorter lifespans — ultimately just 47 days.
Shorter certificate validity periods improve security by:
- Reducing the impact of compromised private keys
- Limiting exposure from misissued certificates
- Encouraging faster adoption of stronger cryptographic standards
- Ensuring domain ownership validation remains accurate and up to date
- Driving the adoption of automation (which reduces human error)
The CA/Browser Forum passed this change in April 2025, and it applies globally across all major browsers and Certificate Authorities. It is not optional and will affect every SSL certificate issued moving forward.
Key Dates: SSL Certificate Lifetime Reductions
Currently, SSL certificates can be issued for up to 398 days.
Here is the confirmed transition timeline:
- March 15, 2026 – Maximum validity reduced to 200 days
- March 2027 – Maximum validity reduced further to 100 days
- March 2029 – Final reduction to 47 days
By 2029, SSL certificates will need to be renewed approximately every month and a half.
It’s important to note:
- Certificates issued before each change will remain valid until their natural expiry date.
- The new limits apply only to certificates issued after the effective date.
What This Means for Businesses
For organisations manually managing SSL certificates, this shift represents a significant operational change.
Instead of renewing once per year, businesses will eventually need to handle renewals:
- Twice per year (200-day phase)
- Nearly four times per year (100-day phase)
- Approximately eight times per year (47-day phase)
Manual processes will become inefficient and increase the risk of missed renewals — which can lead to website downtime, service interruptions, browser security warnings, and reputational damage.
What This Means for OSD Customers
As a digital agency managing SSL registrations and renewals across a wide range of client sites, platforms, and systems, OSD is already preparing for these changes.
We will be:
- Working closely with our SSL suppliers and Certificate Authorities
- Monitoring industry updates and compliance requirements
- Implementing automation solutions where appropriate
- Reviewing client infrastructure to ensure compatibility
- Communicating clearly with customers ahead of each milestone
Our goal is simple: to make this transition as smooth and disruption-free as possible for every OSD client.
If OSD currently manages your SSL certificates, you do not need to take immediate action. We will be reviewing your setup and advising you on the best approach well in advance of each reduction phase.
The Bigger Picture: A More Secure Web
Although shorter lifetimes may seem inconvenient at first, they are part of a broader industry trend toward a more secure and resilient internet.
Frequent certificate rotation reduces long-term risk exposure and encourages stronger operational security practices. In the long run, automated, shorter-lived certificates are considered safer than long-lived certificates managed manually.
This shift aligns with broader zero-trust and continuous security validation models that are becoming standard across enterprise IT environments.
Final Thoughts
The reduction in SSL certificate lifetimes to 200 days in 2026, 100 days in 2027, and ultimately 47 days in 2029 marks one of the most significant shifts in web security management in recent years.
While the change is mandatory across the industry, with the right preparation and automation in place, it does not need to be disruptive.
OSD is committed to guiding our customers through every step of this transition — working proactively with suppliers and implementing solutions that keep your websites and systems secure, compliant, and uninterrupted.
If you have any questions about how these changes may affect your organisation, our team is here to help.