All renewal & expiry questions

How long are public certs valid?

Public SSL/TLS certificates are currently valid for a maximum of 398 days (about 13 months) — but that ceiling is shrinking fast. Under the CA/Browser Forum's 2025 decision, the maximum drops to 200 days in March 2026, 100 days in March 2027, and just 47 days by March 2029. Many certificates are already issued for 90 days or less (Let's Encrypt's default) to work with automated renewal.

Other 'public certificates' follow their own clocks: notarized documents don't expire but lose practical currency; apostilles are often expected to be recent; professional licenses typically run 1–3 year cycles set by their boards.

The direction of travel is universal though: validity periods are getting shorter everywhere, which means renewal tracking is shifting from an annual chore to a continuous process.

Stay ahead of shrinking cert lifetimes

Related questions