SSL Certificate Validity Reduction – What You Need to Know
As of March 15, 2026, all SSL certificates have a maximum validity of 199 days. This is an industry-wide change enforced by all Certificate Authorities, including DigiCert. Your subscription and billing are not affected — certificates purchased annually or for multiple years remain the same price. However, your certificate must now be reissued and reinstalled partway through the subscription term to stay valid.
This guide explains what to expect and what action you need to take.
How the Change Affects Your Certificate
Your SSL subscription covers the full term you purchased. What changes is that the certificate installed on your server expires at 199 days and must be reissued and reinstalled before that point. The validity period will continue to shorten over the next few years:
| Effective Date | Maximum Certificate Validity |
|---|---|
| March 15, 2026 | 199 days |
| March 15, 2027 | 100 days |
| March 15, 2029 | 47 days |
What Happens Automatically
WHMCS will automatically reissue your certificate as it approaches expiration. You will receive an email notification when the reissued certificate is ready.
Reissuance is automatic — installation is not. Once reissued, the new certificate must be installed on your server before the current one expires.
Certificate Installation
If your server is hosted with Nubius Solutions
Open a support ticket and our team will install the reissued certificate on your server.
- Support portal: portal.nubius.io/submitticket.php
- Email: billing@support.nubius.io
If your server is hosted elsewhere
You will need to install the certificate manually. Follow these steps:
1. Retrieve the New Certificate
- Log in to the Nubius Customer Portal.
- Navigate to Services → My Services.
- Locate your SSL Certificate and click on it.
- Click Retrieve Certificate from the left-hand menu.
- Download the certificate files.
2. Install on Your Server
Install the certificate using the private key associated with your CSR. Follow your server or control panel's instructions to complete the installation.
Manually Triggering a Reissue
If you need to reissue your certificate manually (for example, if your private key was compromised), you will need to generate a new CSR and private key first. On Linux, use the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout your.domain.key -out your.domain.csrThen follow the steps in our guide: How to Reissue an SSL Certificate.
Important Notes
- If your certificate expires before the new one is installed, visitors will see a "Not Secure" warning in their browser. Some browsers may block access to your site entirely. Act promptly when you receive the reissuance notification email.
- Reissuances within your subscription term are included at no extra cost.
- Multi-year plans cover all reissuances for the full term.
Need Help?
- Support portal: portal.nubius.io/submitticket.php
- Email: billing@support.nubius.io
