In accordance with a newly approved industry standard (CA/B Forum Ballot SC081v3), the maximum allowed lifespan for publicly trusted SSL/TLS certificates is scheduled to be progressively reduced. As a leading certificate authority, DigiCert will implement the first phase of this change in 2026.
 

Key Implementation Dates:

• Effective February 3, 2026, at 18:00 UTC: DigiCert will no longer accept new requests for public TLS certificates with a validity duration longer than 199 days. For requests that ask for a validity period longer than 199 days, DigiCert will automatically adjust the validity to the new 199-day maximum to ensure successful processing.
• Effective February 17, 2026, at 18:00 UTC: All public TLS certificates issued from this time onward will have a maximum validity period capped at 199 days. This applies to all standard validation types: Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV).

Background and Industry Timeline:
This adjustment is not an isolated policy but part of a broader industry-wide shift mandated by the CA/B Forum. The schedule dictates a staged reduction in certificate lifespans:

       
* DigiCert's implementation sets its limits one day shorter than these benchmarks (e.g., 199 days instead of 200) as a precaution to guarantee compliance.

Implications for Users and Required Actions:

• For New Certificates: Customers wishing to obtain certificates with the current 397-day validity must place their orders and complete all necessary domain and organization validation steps well before the February 3, 2026 deadline, ensuring issuance by February 17, 2026.
• For Existing Certificates: TLS certificates already active with longer validity periods will remain fully trusted until their natural expiration date. This change only affects new certificates issued after the cutoff.
   
• For Certificate Re-issuance and Renewals:

• • Starting February 3, 2026, any reissue or duplicate of an existing certificate will be bound to the new 199-day maximum.
  • Renewals processed on or after February 17, 2026, will result in certificates valid for no more than 199 days.

"What would happen if I order 1-year or multi-year DigiCert SSL certificates? They are longer than 199 days."

Your order will retain its subscription period, but each individual certificate issued during that period will only be valid for a maximum of 199 days. When a certificate nears expiry,  a new one will be reissued at no extra cost to continue service until the subscription plan itself ends.

Preparing for the Future:
With certificate lifespans eventually shrinking to just 47 days, manual management will become impractical. NicSRS strongly advises customers to adopt automated tools such as CaaS subscription model and certificate lifecycle management solutions (sslTrus CLM), or the ACME protocol within DigiCert CertCentral, to handle the increased frequency of renewal and issuance.

For more detailed information on the upcoming shortened validty of SSL/TLS certificates, we have a great article here for your reference.