Most developers I've talked to don't know this yet.

In March 2026 the CA/Browser Forum officially reduced the maximum SSL certificate lifespan from 398 days to 200 days. By 2027 it drops to 100 days. By 2029 it's 47 days.

That's 8x more renewal cycles per year by 2029.

The real problem isn't renewal

Let's Encrypt, Cloudflare, and most modern hosting handles renewal automatically. The problem is when auto-renewal fails silently.