What's happening?

SSL and Code Signing certificate lifecycles are gradually being shortened in the near future. 

Starting February 23, 2026: Sectigo Code Signing certificates reduced to 1 year maximum

Starting March 12, 2026: Sectigo SSL certificates reduced to 199 days maximum

March 15, 2026 is the industry-wide deadline for this first phase of reductions. 

Check the table below for the timeline of each reduction phase. Note: individual CAs may implement changes earlier than the industry deadline.

Why is this happening?

Certificate lifecycles are being shortened to increase the frequency of validation checks that only occur prior to issuance. The longer a certificate lives, there is a higher chance that the subject data it contains (such as domains and organization or individual information) will become incorrect or inaccurate before the certificate expires. 

The primary purpose of certificate lifecycle reduction is to strengthen existing validation practices and ensure the integrity of certificate data over time. Shorter certificates also enable you to stay on track (and compliant) with changing industry standards and updated security practices.

What do I need to do?

There is no immediate action required. Existing certificates are not affected by these term changes and will remain trusted until their planned expiration date. 

If you have a multi-year order that needs to be re-issued or renewed after the CA's deadline, that next certificate will reflect the new maximum validity term. 

Moving forward, you will follow a more frequent replacement schedule for your certificates. Don't worry, we will continue sending early reminders when it's almost time to re-issue or renew your certificate.

Will my current certificate be distrusted?

No, all active and valid certificates will remain trusted until their set expiration date.

What if I have a multi-year certificate plan?

Your existing multi-year SSL certificate plan will continue to be usable through the purchased term. After the shortened term deadline, re-issuing your order will result in a new certificate with the maximum possible validity period (or as much time as is left on the plan, if it's less than the standard maximum).

How will this affect the certificate ordering process?

There will be no changes to any of the certificate purchase, enrollment, validation, and management processes as they are now. Only the frequency of required re-issue or renewal is increasing.

Will there be new short term certificate products available for purchase?

No, our certificate products are not changing at all. We will continue to offer a minimum 1-year plan for SSL and Code Signing certificates and allow multi-year SSL plans up to 3 to 5 years (depending on the type of product). 

We will not offer a 200 day or 6 month SSL certificate plan; the minimum term is 1-year.

Can I pay for just 200 days of certificate instead of a year?

No, the minimum plan available for purchase is 1-year.

How will shorter certificates affect validation?

As certificate terms get shorter, the validated data re-use period gets shorter as well. You may expect to undergo validation when re-issuing or renewing a certificate if it is passed the allowed re-use period for your domain or organization.

• Domain validation will be required every 199 days (shortened from 397 days)
• Organization validation will be required every 397 days (shortened from 825 days)

Certain SSL products may also require re-validation with every request regardless of the re-use period.

Can I automate the certificate replacement process?

AutoInstall SSL is available for purchase as an add-on to Domain Validation (DV) SSL certificates. AutoInstall SSL works with Windows/IIS, Apache, and NGINX servers. 

In the near future we will release additional certificate automation options.