SSL Certificates: changes to rules on validity and duration
SSL certificates are now a fundamental component of cybersecurity: they are essential for protecting the exchange of information between servers and users on any website, application or online service that handles sensitive data.
However, the regulatory and technical framework governing them is set to undergo significant changes.
Between 2026 and 2029, one of the most significant transformations for the web will take place: the maximum validity period of digital certificates will be progressively reduced to just 47 days.
For businesses and professionals managing digital infrastructure, understanding this development is essential for properly planning the protection of their systems and corporate information.
Security and authenticity: the role of SSL certificates
Before delving into the new deadlines for renewing digital certificates, let’s try to understand exactly what an SSL certificate is and what it does.
SSL certificate: what it is and what it does
An SSL certificate is a digital file, issued by a certification authority (CA), which performs two key functions:
- it authenticates the identity of a website;
- it encrypts data traffic between the user’s browser and the server.
We can think of it as a digital identity document. Just as an identity card confirms who we are, SSL certifies that the site is authentic and ensures that no one can intercept the information exchanged with it.
Where can I find the SSL certificate?
The answer is straightforward and can be seen directly in your browser. By clicking on the padlock icon next to the URL, you can view all the details of the certificate associated with the site, including:
- the issuing authority;
- the certificate’s expiry date.
What is the difference between SSL and HTTPS?
It is common to get confused, but the distinction is simple:
- SSL/TLS: this is the invisible engine, i.e. the cryptographic protocol that guarantees security;
- HTTPS: this is the visible result. It is the secure version of the HTTP protocol.
In other words, HTTPS only exists thanks to the presence of a valid SSL certificate.
SSL certificates: the 2026–2029 roadmap and the timeline for change
The CA/Browser Forum – the body bringing together the leading certification authorities and vendors of the most widely used browsers – has approved a gradual and progressive reduction in the maximum validity period of SSL certificates.
Here is the official transition schedule:
- until 14 March 2026: maximum certificate validity of 398 days;
- from 15 March 2026: the limit is reduced to 200 days, effectively halving the previous validity period;
- from 15 March 2027: a further reduction to 100 days, with a mandatory quarterly renewal cycle;
- from 15 March 2029: the final limit of 47 days comes into force.
The 47-day period is based on a specific technical rationale: it ensures coverage for a full month plus a 15-day period of the following month, including an additional day of grace. This configuration is designed to support automated monthly renewal cycles, whilst maintaining an operational safety margin.
The benefits of a shorter validity period for data protection
Shortening the lifecycle of digital certificates generates tangible benefits for the entire web infrastructure.
Firstly, it drastically limits the window of vulnerability: should a digital certificate be cloned or compromised, its very short expiry period would ensure that the damage is minimal.
Furthermore, it requires much more frequent validation of site ownership, preventing outdated information from remaining accredited for months.
Last but not least, the need for frequent updates acts as a catalyst for the adoption of automated processes, eliminating the risk of human oversights or oversights at source.
Automation: the only path to operational efficiency
Having to manage expiry dates every 47 days makes relying on manual SSL certificate procedures unsustainable for any organisation. Anyone managing even just a few dozen certificates would find themselves carrying out renewals almost continuously.
Consequently, automation becomes an essential requirement. There are essentially two viable options:
- ACME (Automatic Certificate Management Environment) protocol: an open-source ecosystem that manages every stage – from certificate issuance to renewal – entirely autonomously, eliminating the need for human intervention;
- CLM (Certificate Lifecycle Management) systems: management architectures designed for organisations requiring centralised control to monitor expiry dates, activity logs and large-scale automation.
Guidelines and measures for corporate compliance
With the 15 March 2026 deadline now passed, the new regulations are fully in force.
For businesses that have not yet adapted their systems, there is a real risk of service outages and users receiving ‘site not secure’ warnings.
The priority actions to be taken immediately are as follows:
- inventory all active SSL certificates, including their expiry dates, issuing CAs and associated systems;
- adopt automation tools: integrate the ACME protocol or a CLM platform into your technology stack;
- train IT teams on the new automated SSL certificate management processes;
- monitor updates from the CA/Browser Forum and major CAs to adapt to any changes.
Organisations that act early will be best placed to manage the transition smoothly, avoiding last-minute operational pressures.
REQUEST A NAMIRIAL CONSULTATION
Managing the evolution of SSL certificates requires a structured approach and reliable technological tools.
Namirial SSL/TLS certificates are designed to offer security, reliability and compliance in every operational scenario. Thanks to advanced encryption systems and compliance with the eIDAS Regulation (ETSI EN 319 411-1 standard), they guarantee data protection and full legal recognition at European level.
Adopting the right tools today means preventing critical issues and ensuring the continuity of your digital services.
To best prepare your company and confidently navigate change, fill in the form below and request a free, no-obligation consultation with Namirial’s experts, who are ready to help you identify the most effective solution for your needs.
