SSL certificate lifetimes are changing: what it means for you.

On 15 March 2026, SSL certificates got shorter lifespans. The maximum validity for newly issued certificates dropped from 365 days to 200 days.

This was not a EuroDNS-specific update. It was an industry-wide shift driven by the CA/Browser Forum: the group that defines the rules trusted by browsers like Chrome, Safari, and Firefox.

Moving towards 47-day certificates

The move to 200-day certificates is part of a much bigger roadmap.

For years, certificate lifetimes have been shrinking. Back in 2020, certificates could last up to 398 days. Now, the industry is accelerating that trend:

• 2026: maximum 200 days
• 2027: maximum 100 days
• 2029: as low as 47 days

As you can see, eventually SSL certificates may only last about a month and a half. But.... why go through all these changes? The answer is simple: the CA/Browser Forum is deliberately pushing toward a more automated, more secure web.

Why SSL certificates keep getting shorter

At first glance, shorter certificate lifetimes might sound inconvenient. More renewals, more work… right?  But shorter lifespans play a vital role in creating a more secure digital space for everyone. Shorter certificate lifespans reduce the risk window if something goes wrong. If a certificate is compromised, misissued, or tied to outdated ownership data, it won’t stay valid for long. They also force more frequent validation of domains and organizations, which improves overall trust in HTTPS connections.

In simple terms: less time to exploit, more confidence for users.

The real goal is automation, not more work

There's a second benefit gained from shortening certificate lifespans: the industry is now pushing for automation.

Manual SSL management doesn’t scale anymore. When certificates last 200 days (and soon 47!) renewing them by hand becomes risky and unsustainable. That’s why this change has sparked an industry re-investment in SSL automation.

Technologies like ACME allow certificates to be issued, renewed, and installed automatically in the background. No reminders, no downtime, no last-minute panic. Shorter lifetimes don’t mean more effort. They mean smarter systems doing the work for you.

What this means for our SSL customers

If you already have an SSL certificate with EuroDNS, your domains will remain protected for the duration you purchased, even as industry standards shift to shorter certificate lifespans.

To adapt to these changes, we will offer customers an automatic certificate reissual process. It will alert you before expiry, along with reminders and confirmation emails to keep you informed.

If you're using EuroDNS hosting with auto-install enabled, your certificates can be deployed automatically. No action required. 

For external hosting or custom server setups, a small manual step is required: you’ll need to install the reissued certificate on your server. We’ll notify you in advance so you have everything you need to stay protected without interruption.

Soon, we will offer an organizational solution designed for fully automated certificate management at scale.

The bigger picture: the end of manual SSL

This change signals something bigger than just “shorter certificates.” It marks the end of manual SSL management. As lifetimes continue to shrink, automation becomes essential, in particular for large organizations and domain portfolios. Very soon, automated SSL management for organizations is coming to EuroDNS.
Soon, we'll share more on a solution designed to handle certificate issuance and renewal at scale, because the future of SSL is fully automated.

Want to upgrade your SSL protetion? Explore our SSL certificate solutions.