SSL Certificate Expiration Dates are Changing

Submitted by krlu2891

on Thu, 03/12/2026 - 11:54 AM

Starting March 15, 2026, publicly trusted SSL/TLS certificate lifetimes will be limited to a maximum validity of 200 days. Going forward, this will require customers who have current SSL/TLS certificates to renew them more frequently. This validity period change is the start of a phased reduction to continue reducing the validity period of Certificates to 47 days by March 15, 2029. This change is an industry-wide effort under the Certificate Authority/Browser (CA/B) Forum requirements adopted by major browsers and certificate authorities.

Certificate lifetimes will be reduced on the following timeline:

March 15, 2026: 200 days
March 15, 2027: 100 days
March 15, 2029: 47 days

Next steps

If you have a current SSL/TLS certificate, you will continue to receive reminders about expiration as you have in the past. Please note that if you have a current SSL/TLS certificate, it will expire after the validity timeframe it was issued under (395 days). Any new certificates issued after March 15 will expire on the new validity period (200 days).

OIT Security has an active project underway to deliver certificate automation solutions to campus in the next few months and will reach out directly to those with registered certificates as automated solutions become available. Learn more about requesting an SSL Certificate at CU Boulder or email security@colorado.edu with additional questions about this process.