The CA/Browser Forum, the industry body that sets the rules for digital certificates, has officially approved a significant change: TLS/SSL certificate lifespans will be reduced to 47 days. This new standard will be fully enforced starting March 15, 2029, and will be rolled out in phases over the coming years.
Key Dates to Know
-
2026: Maximum certificate validity will be reduced to 200 days
-
2027: Further reduced to 100 days
-
2029: Final reduction to 47 days
These changes aim to improve internet security by requiring more frequent certificate renewals. Shorter certificate lifespans limit the time a compromised certificate can be used maliciously and reduce the impact of outdated encryption.
What This Means for You
If you are a NodeSpace customer using Let’s Encrypt SSL certificates, you’re already in good shape. Let’s Encrypt certificates are automatically renewed through our systems. No action is needed.
However, if you’re using commercial SSL certificates—such as those issued by DigiCert, Sectigo, GeoTrust, or other providers—and you’re manually installing them, you’ll be impacted by these changes. Renewing certificates every 47 days manually will not be practical and increases the risk of service interruptions due to expired certificates.
Recommended Action
To prepare for these upcoming changes, we strongly recommend the following:
-
Automate certificate management: If you’re using third-party certificates, begin implementing automation solutions now to ensure smooth, uninterrupted renewal.
-
Switch to Let’s Encrypt: NodeSpace Hosting provides Let’s Encrypt support for most services, allowing you to benefit from short-lived, automatically renewed certificates.
-
Review your current SSL strategy: Identify any services or websites using manual certificate management and plan a transition strategy.
NodeSpace Hosting Is Here to Help
We understand that change can be disruptive, especially when it comes to security and uptime. Our team is available to help you assess your current certificate usage and guide you through the transition to automated solutions. Whether you’re using Let’s Encrypt or a commercial certificate, we can help ensure your SSL setup remains secure, reliable, and compliant with evolving industry standards.
Have questions or need assistance updating your SSL strategy? Contact our support team—we’re ready to help.