As per CA/B Forum Ballot SC081v3, the maximum allowed validity for publicly trusted SSL/TLS certificates cannot exceed 200 days starting March 15, 2026. All major certificate authorities will begin this change even earlier.
The adjustment date for each CA is listed below.
| Certificate Authority | Adjustment Date | New Max Validity |
|---|---|---|
| Sectigo | March 12, 2026 | 199 days |
| DigiCert | February 24, 2026 | 199 days |
| GlobalSign | March 14, 2026 | 199 days |
| sslTrus | March 12, 2026 | 199 days |
| sslTrus BasicSSL | March 1, 2026 | 199 days |
*This notice is based on CA announcements. Should there be any changes to the adjusted timelines, a separate notice will be made.
- All CAs will adjust their maximum validity to be one day shorter than the maximum allowed by the CA/B Forum.
- All renewed, reissued, and newly issued certificates will be valid for no greater than 199 days after the above specified dates.
- Your current certificates remain valid until they expire. But, if you reissue the certificates after the above specified dates by CAs, the reissued certificates will be valid for a maximum of 199 days.
No immediate action is requied. We recommend that you check the expiration dates of your current certificates. If necessary, you may renew them before the above specified effective dates by CAs . When you do so, please allow enough time to complete domain and organization validations in order for the certificates to be issued before the above dates.
Consider implementing automated SSL certificate management to avoid service outages, ensure compliance and reduce human erros, especially if you manage a number of SSLs. CROWEB.HOST offers solutions such as CaaS and CLM.
Thank you for your continued support and trust.
