Friendly reminder that the first SSL/TLS certificate shortening cycle is approaching on March 15th, 2026 (398 Day to 200 Days). Certificates generated after March 15th, 2026, will have a maximum 200-day lifespan.
Over the past year, the information security team has supported and helped to transition many Facultys/Departments that have already migrated to certificate automation and are well prepared for the first shortening cycle.
As an industry wide move, the CA/Browser Forum of certificate authorities (CAs) has voted to reduce the lifespan of SSL/TLS certificates from 398 days to 47 days in 2029 to help improve security. SSL/TLS certificate lifespans will be gradually reduced beginning on March 15, 2026:
This industry mandated move helps to increase security, prepare for quantum challenges, encourages automation and operational excellence.
Over the next years, SSL/TLS certificates will gradually have shorter lifespans. Starting on March 15, 2026, SSL/TLS lifespans will be reduced to 200 days until reaching a lifespan of 47 days on March 15, 2029. This provides time for organizations to transition to use certificate automation.
Facultys/Departments are encouraged to have an inventory of their SSL certificates and mapping their systems to adopt SSL Certificate Automation (ACME) or by using another automation protocol.
If you have any questions, please don’t hesitate to contact the Information Security team at c-it-security@mcmaster.ca
Inside Mac ➚
Service Updates
Service Updates, Zoom