SSL validity is shrinking, and your SSL management is getting simpler 

Certificate lifespans are shrinking across the industry, and the first milestone lands on March 12, 2026. From that date, all Certificate Authorities will issue SSLs with a maximum validity of 200 days. The reduction doesn’t stop there: the CA/Browser Forum has approved a phased schedule that brings certificates down to 100 days in 2027 and 47 days by 2028.

The reasoning is straightforward. Shorter certificates limit how long a compromised key can be exploited, keep domain ownership checks up to date, and push the industry toward automated renewal as the default. As lifespans shrink, automation stops being a convenience and becomes the practical standard. 

Any certificate you currently have active will run out its full original term unaffected. Nothing cuts short early.

What changes after March 12

New certificates issued on or after March 12 will each cover roughly seven months. Your currently issued certificates will remain valid until expiration.

Our pricing and billing cycles remain exactly the same. We offer a subscription-based service where you prepay for the period you need, with bigger discounts for longer terms. The years you pay for are the years you get — no extra fees. The one thing to know is that due to a new industry-wide standard, the SSL file itself will periodically need to be reissued and reinstalled within your prepaid period. This applies to every provider without exception. 

For single-domain SSL, we already have automation in place to make this seamless, with more automation methods on the way.

Is your SSL already automated?

Go to Account > SSL Certificates to check. 

• Certificates labeled as web-based automation, server-side automation, or Namecheap SSL (Shared Hosting tool) will reissue themselves every 200 days without any action on your part.
• Certificates marked as manual will need periodic reissue. Switching to one of the automation options below eliminates that requirement. Manual certificates also get 30-day alerts before each renewal cycle.

Automation currently covers single-domain certificates activated through Namecheap.com. Wildcard, multi-domain, and API-based automation arrives between March and June 2026.

Three ways to automate

• Web-based automation (SSL Proxy)

SSL Proxy handles the entire certificate lifecycle automatically — issuance, installation, renewal, reactivation — with no server configuration and nothing to maintain on your end. The only requirement is that your domain uses Namecheap DNS. If it’s currently on third-party DNS, migration happens automatically during SSL setup. An option to use the proxy while keeping third-party DNS is coming soon. 

This option is compatible with any hosting environment that doesn’t already include a built-in CDN or proxy layer. 

Availability: Single-domain is live now, wildcard arrives in March, and multi-domain plus API support follows by June.​​​​​​​​​​​​​​​​

• Server-side automation (SSL manager)

SSL Manager is the right choice when proxying isn’t an option. It installs a lightweight scheduled task on your server that communicates with our SSL API to handle renewals and installation automatically. Supports cPanel and servers with root or admin access.

Setting it up is minimal — on cPanel, it’s a file upload followed by a quick visit to your website URL to complete setup. On root or admin servers, a single terminal command gets you running. Either way, the scheduled task runs quietly in the background and touches nothing else on your server.

Because it runs on our API rather than ACME, there are no clients to install, no domain control validation logic to manage, and no configuration files to maintain.

Availability:  Single-domain is available now, with wildcard support arriving in April, API access in May, and multi-domain support in June 2026. 

• Automated SSL issuance with manual installation

Automated SSL issuance with manual installation is for setups where neither of the above fits.

Comments 44 Comments in moderation

For domains on Namecheap DNS, SSL is automatically reissued every 200 days with no action needed on your end. For domains on third-party DNS, you add a single CNAME record to your DNS zone pointing to a Namecheap-managed zone that holds your Domain Control Validation data — after that, every 200-day cycle triggers automatic validation and issuance without any further manual steps.

To deliver a ready-made certificate, we generate the CSR and private key for you. Once ready, you download it along with the private key using a one-time password sent to your account email, then install it on your server.

This option becomes available between June and August 2026.

Wrap up

Shorter SSL lifespans are an industry-wide shift, yet your current one-year certificates will remain valid for their full term. We’re committed to a smooth transition: automation already handles renewals, and even more options will roll out steadily throughout 2026.

Need an SSL certificate?

Plans begin at $5.99/year. Explore the full range to find the certificate that suits your domain and security needs.