TLS/SSL certificates will expire every 47 days instead of every 398 days from 2029

The group of certifying entities “CA/B forum” in charge of defining and managing different digital certification standards since 2005, has decided to drastically reduce the period of validity of TLS/SSL certificates.

If before the year 2020 the TLS/SSL certificates They had a validity of 825 days, from that year they became a validity of 397 days and now, five years later, The validity of the TLS/SSL certificates will be only 49 days.

The decision has been made, as on other occasions, through a vote in which the group certifying entities have agreed this reduction.

This reduction of the validity period of TLS/SSL certificates will not be hit and will be done progressively: From March 15, 2026, The new certificates will have a validity of 200 daysas of March 15, 2027 they will last only 100 days. It will be As of March 15, 2029 when the duration of the certificates will be only 47 days.

In addition, from that date you can only reuse the validation information of the domains for 10 days, once that period has passed, a new certificate will have to be requested with all the domain validation information. By way of comparison, this period is currently 825 days and will also be progressively reduced (398 days in 2025, 200 days in 2026, 100 days in 2027 and 10 days in 2029)

Companies like Apple have been actively in favor of this reduction, claiming that “The information contained in the certificates becomes less and less reliable, a problem that can only be mitigated by revalidating the information frequently. “