Editor’s Note: This blog was originally published on 7th January 2025 but has since been updated to reflect industry changes and new insights.
Certificate lifespans are a hot topic with both Apple and Google reducing the validity period of SSL / TLS certificates. But it’s not just SSL / TLS being impacted, Code Signing certificates are facing similar trends.
Initiated by the Certificate Authority Browser Forum (CA/B Forum), the maximum validity period for Code Signing Certificates will be reduced from 39 months to 460 days.
What is Changing?
The CA/B Forum has directed that the maximum validity period for a Code Signing Certificate will be reduced from 39 months to 460 days.
When is This Change Happening?
This change will be coming into effect on 1 March 2026.
Why is This Shift Happening?
This new directive is being introduced by the CA/B Forum as part of their best practice guidelines aimed at enhancing the security of digital certificates. By reducing the lifespan of certificates, the intent is to limit potential exposure to vulnerabilities that could arise from outdated or compromised certificates. As a Certificate Authority, we are adopting this change in accordance with the industry standards set by the CA/B Forum.
Whilst reduced lifespans do mean more frequent renewals, short lived certificates do have considerable benefits:
- Enhanced Security: The reduction in the validity of Code Signing Certificates will limit the misuse of certificates in case of takeover attacks, minimizing potential risks to software and users.
- Streamlined Compliance: Shorter periods ensure your certificates reflect the latest security standards, keeping your software aligned with industry best practices.
How Does This Affect You?
From 26 December 2025, GlobalSign will stop issuing 2 Year and 3 Year Code Signing Certificates. GlobalSign will continue with 1 Year (366 days) Code Signing Certificates, and all new Code Signing Certificates issued or renewed after 24 February 2026, will be subjected to the new validity changes.
New Certificates: All GlobalSign Code Signing Certificates issued or renewed after 24 February 2026, will be subjected to the new validity changes. GlobalSign will continue with 1 Year (366 days) Code Signing Certificates.
Existing Certificates & Reissuances: Existing 2 and 3 year Code Signing Certificates will remain valid until their original expiration dates. However, any reissuance performed on or after 24 February 2026 must comply with the new CA/B Forum requirements.
GlobalSign are Here to Help
The reduced validity period will make certificate renewals more frequent, so it is important to review your certificate inventory and renewals in preparation for the change. In addition, GlobalSign’s Support Team are on hand to guide you through these changes to make this transition as seamless as possible.
Atlas Discovery and Certificate Management at Your Fingertips
