University IT
Certificates limited to 199-day expirations
199-day validity
The Certification Authority Browser Forum (or CA/Browser Forum for short) has passed a new recommendation that starting on March 15, 2026 all SSL certificates used for serving web pages should be valid for no more than 200 days from issuance. In particular,
TLS server certificates issued on or after March 15, 2026 00:00 GMT/UTC must not have a validity period greater than 200 days.
Almost all Certificate Authorities and browser vendors are following this recommendation. Most of the major browser vendors have released (or soon will release) versions of their product that will flag as insecure web sites using certificates not meeting the above recommendation.
Note that certificates issued before the above date that have expirations longer than 200 days will not be affected: they will still work and be accepted.
For more information, see the CA/Browser Forum's "Latest Baseline Requirements".
Future timeline
- 3/15/2027: Max validity reduced to 99 days
- 3/15/2029: Max validity reduced to 46 days
