A gradual reduction in the validity period of TLS/SSL certificates has been approved. It will begin on March 15, 2026, and the validity period will be reduced to just 47 days by March 15, 2029.
A recent vote by the CA/Browser Forum has approved a gradual reduction in the validity period of TLS/SSL certificates. The first change will take effect on March 15, 2026, and the validity period will eventually be reduced to just 47 days by March 15, 2029.
What are TLS/SSL Certificates?

Why is this reduction being implemented?
Until March 15, 2026, the maximum validity period for a TLS certificate was 398 days. The reduction is driven by several security concerns:
- Certificates may become technologically obsolete.
- They may be compromised or have their private keys exposed.
- They may remain valid even after control of the domain no longer belongs to the legitimate owner.
With shorter validity periods, a certificate that is attacked or compromised will not remain valid for many more days.
Performing this audit not only allows us to detect cybersquatting or vulnerabilities (such as relevant domains that haven’t been registered) but also to identify markets (territories) or sectors (sector-specific extensions) with a higher incidence of unauthorized use.
How will these reductions be implemented over time?
The following schedule outlines the timeline for the upcoming changes and the validity periods of certificates at each stage. The first reduction will take effect on March 15, 2026, when the validity of certificates will decrease from 398 days to 200 days. The reductions will continue gradually until the validity period reaches 47 days on March 15, 2029.
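An added example (not from the original article): a Python check that reads the output of `openssl x509 -noout -dates`, applies the maximum validity in force on the certificate's issue date, and computes when renewal should start. The 100-day step on March 15, 2027 comes from the CA/Browser Forum ballot rather than the text above; the sample dates and the two-thirds renewal point are assumptions.

```python
import ssl
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
LEGACY_MAX_DAYS = 398  # maximum before March 15, 2026 (from the article)
# (effective date, maximum validity in days) for certificates issued on or after it.
SCHEDULE = [
    (datetime(2026, 3, 15, tzinfo=UTC), 200),
    (datetime(2027, 3, 15, tzinfo=UTC), 100),  # ballot step not stated in the article text
    (datetime(2029, 3, 15, tzinfo=UTC), 47),
]

def max_validity_days(issued):
    """Maximum validity allowed for a certificate issued at `issued` (aware UTC)."""
    limit = LEGACY_MAX_DAYS
    for effective, days in SCHEDULE:
        if issued >= effective:
            limit = days
    return limit

def parse_dates(openssl_output):
    """Parse `openssl x509 -noout -dates` output into (not_before, not_after)."""
    fields = dict(l.split("=", 1) for l in openssl_output.strip().splitlines())
    to_dt = lambda s: datetime.fromtimestamp(ssl.cert_time_to_seconds(s), tz=UTC)
    return to_dt(fields["notBefore"]), to_dt(fields["notAfter"])

def audit(openssl_output, now, renew_fraction=2 / 3):
    """Check one certificate against the schedule; renew_fraction is an assumption."""
    not_before, not_after = parse_dates(openssl_output)
    # notBefore and notAfter are both inclusive (RFC 5280), hence the extra second.
    lifetime = not_after - not_before + timedelta(seconds=1)
    limit = max_validity_days(not_before)
    renew_at = not_before + lifetime * renew_fraction
    return {
        "validity_days": lifetime / timedelta(days=1),
        "limit_days": limit,
        "within_limit": lifetime <= timedelta(days=limit),
        "renew_at": renew_at,
        "renewal_due": now >= renew_at,
        "expired": now > not_after,
    }

# Constructed sample: a 398-day certificate issued after the first reduction.
SAMPLE_TOO_LONG = "notBefore=Mar 20 00:00:00 2026 GMT\nnotAfter=Apr 21 23:59:59 2027 GMT"
# Constructed sample: a 200-day certificate issued on the same day.
SAMPLE_OK = "notBefore=Mar 20 00:00:00 2026 GMT\nnotAfter=Oct  5 23:59:59 2026 GMT"

if __name__ == "__main__":
    for sample in (SAMPLE_TOO_LONG, SAMPLE_OK):
        print(audit(sample, now=datetime(2026, 9, 1, tzinfo=UTC)))
```

Run over an inventory of deployed certificates, a check like this shows which renewals still depend on manual steps that will not keep up as the limit shrinks.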

How does this change affect all our clients?
Currently, certificates typically have a one-year validity. As a result, less technical clients will begin receiving more frequent notifications from their hosting provider to update their certificates. For more technical users, it’s recommended to implement automation for certificate issuance and renewal.
It’s advisable to use providers like Ubilibet, which, together with DIGICERT, is working to offer 100% automated renewal management and support for the ACME protocol.
What is the ACME protocol?
ACME stands for Automatic Certificate Management Environment. It enables the automated issuance and renewal of certificates, making it easier and safer to use HTTPS on websites. This automation is key to protecting your digital and brand identity and ensuring a trustworthy online presence.