In accordance with the newly approved industry standards (CA/B Forum Ballot SC081v3), the maximum allowed lifespan for publicly trusted SSL/TLS certificates is scheduled to be progressively reduced starting March 2026. As a leading certificate authority, DigiCert will implement the first phase of this change in February 2026.

Key Implementation Date:

• February 24, 2026: DigiCert will no longer accept new requests for public TLS certificates with a validity duration longer than 199 days. For API requests that ask for a validity period longer than 199 days, DigiCert will automatically adjust the validity to the new 199-day maximum to ensure successful processing. All public TLS certificates issued from this day onward will have a maximum validity period capped at 199 days. This applies to all standard validation types: Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV).

Background and Industry Timeline:
This adjustment is not an isolated policy but part of a broader industry-wide shift mandated by the CA/B Forum. The schedule dictates a staged reduction in certificate lifespans:

      
* DigiCert's implementation sets its limits one day shorter than these benchmarks (e.g., 199 days instead of 200) as a precaution to guarantee compliance.

Implications for Users and Required Actions:

• For New Certificates: Customers wishing to obtain certificates with the current 397-day validity must place their orders and complete all necessary domain and organization validation steps well before this date, ensuring issuance before February 24, 2026.
• For Existing Certificates: TLS certificates already active with longer validity periods will remain fully trusted until their natural expiration date. This change only affects new certificates issued on and after February 24.
   
• For Certificate Re-issuance and Renewals:

• • Starting February 24, 2026, any reissue or duplicate of an existing certificate will be bound to the new 199-day maximum.
  • Renewal certs issued on or after February 24, 2026, will be valid for NO more than 199 days.

Please keep in mind that the maximum permitted certificate validity is based on the certificate's issue date, not the order date.

Preparing for the Future:
With certificate lifespans eventually shrinking to just 47 days, manual management will become impractical. NicSRS strongly advises customers to adopt automated tools such as CaaS subscription model and certificate lifecycle management solutions (sslTrus CLM), to handle the increased frequency of renewal and issuance. For enterprise users who manage a number of different certificates and complex network enviroment, it's highly recommended to use sslTrus CLM -- a powerful solution specifically designed to tackle the 47-day SSL challenge and can handle even the most complicated use scenarios. Use just 1 platform to issue, manage, monitor and automate your public CA SSL, private CA SSL, S/MIME and code signing.

For more detailed information on the upcoming shortened validty of SSL/TLS certificates, we have a great article here for your reference.

Reference:
https://knowledge.digicert.com/alerts/public-tls-certificates-199-day-validity
https://cabforum.org/2025/04/11/ballot-sc081v3-introduce-schedule-of-reducing-validity-and-data-reuse-periods/