200-Day TLS Certs Are Here: Your PQC Wake-Up Call

The 200-day TLS certificate limit took effect March 15, 2026. Here's why this change is the crypto agility foundation your PQC migration depends on.

As of yesterday, March 15, 2026, the maximum validity period for public SSL/TLS certificates dropped from 398 days to 200 days. The change, driven by the CA/Browser Forum’s Ballot SC-081v3, is already reshaping how security teams think about certificate management. But if you’re only treating this as a certificate ops problem, you’re missing the bigger picture. Shorter certificate lifetimes are laying the groundwork for something far more consequential: the migration to post-quantum cryptography.

TL;DR: The new 200-day TLS certificate limit is not just an ops nuisance. It is forcing the automation and crypto agility that organizations will need for post-quantum migration anyway.

What Changed and What’s Coming

The 200-day limit is just the first phase. The CA/Browser Forum has laid out an aggressive reduction schedule that will compress certificate lifetimes to 100 days by March 2027 and just 47 days by March 2029. Domain validation reuse periods will shrink in lockstep, dropping to 10 days by 2029.

For organizations still managing certificates manually, the math is unforgiving. A 200-day certificate means renewal cycles roughly every six months. At 47 days, you’re rotating certificates almost every month. Without automation, that’s a recipe for outages, compliance gaps, and exhausted security teams.

Why This Matters for Post-Quantum Readiness

The connection between shorter certificate lifetimes and post-quantum cryptography isn’t coincidental. Both trends converge on the same operational requirement: crypto agility.

Crypto agility is the ability to rapidly swap, update, or layer cryptographic algorithms across your infrastructure without breaking production systems. When NIST finalized its first three post-quantum standards in August 2024 — ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) — the agency made clear that organizations should begin transitioning immediately. But transitioning to post-quantum algorithms across TLS, code signing, VPNs, and authentication systems demands exactly the kind of automated, high-frequency certificate and key management pipeline that shorter lifetimes are now forcing teams to build.

In other words, if you can’t handle 200-day certificate rotations today, you’re not going to be ready for PQC algorithm rollouts tomorrow.

The Harvest-Now-Decrypt-Later Clock Is Ticking

The urgency isn’t theoretical. Intelligence agencies across multiple nations have publicly warned that adversaries are already capturing encrypted traffic at scale, banking on future quantum computers to decrypt it. This harvest-now-decrypt-later (HNDL) threat model means that data encrypted with vulnerable algorithms today is already at risk, even if cryptographically relevant quantum computers are still years away.

The G7 Cyber Expert Group underscored this in January 2026 when it released a coordinated roadmap urging financial institutions to begin their post-quantum transition now, with high-priority systems targeted for migration by 2030-2032 and full transition by 2035. The U.S. NSA’s CNSA 2.0 timeline is even more aggressive, requiring all new National Security System acquisitions to use post-quantum algorithms by January 2027.

Every month an organization delays building automated cryptographic infrastructure is another month of encrypted data exposed to future quantum decryption.

What Security Teams Should Do Now

The 200-day certificate change is an opportunity, not just an obligation. Here’s how to use it as a springboard for PQC readiness.

Automate certificate lifecycle management. If you haven’t deployed a CLM platform, this is the forcing function. Forrester research shows a 243 percent ROI for organizations that automate, and manual workflows simply won’t scale to 100-day or 47-day lifetimes.

Conduct a cryptographic inventory. You can’t migrate what you can’t see. Map every certificate, key, and cryptographic dependency across your infrastructure. This inventory is the foundation of any PQC migration plan and a key recommendation from both the G7 roadmap and NIST guidance.

Test hybrid key exchanges. The IETF has defined hybrid TLS key exchange profiles combining classical algorithms like X25519 with ML-KEM. Akamai announced it completed PQC updates for mid-tier connections across its entire network in Q1 2026, proving hybrid deployments work at scale with minimal latency impact.

Build toward crypto agility. Treat every certificate rotation as a rehearsal for the algorithm transitions ahead. The organizations that can rotate certificates seamlessly today will be the ones that can swap in post-quantum algorithms without downtime tomorrow.
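The inventory and rotation steps above can be combined into one audit pass. The following Python sketch is an added example, not code from the article or from any CLM product. It assumes the 2027 and 2029 phases start on the 15th like the 2026 one, that renewal happens at two-thirds of the lifetime, and it uses constructed hosts and hypothetical field names.

```python
from datetime import date, timedelta
import math

# Maximum validity by issuance date. 398/200/100/47 and the 2026 date come from
# the article; the 15th for 2027 and 2029 is an assumption mirroring 2026.
SCHEDULE = [
    (date(2029, 3, 15), 47),
    (date(2027, 3, 15), 100),
    (date(2026, 3, 15), 200),
    (date.min, 398),
]

# Classical signature algorithms that Shor's algorithm breaks (labels are this example's own).
QUANTUM_VULNERABLE = {"RSA", "ECDSA", "Ed25519"}

def max_validity(issued: date) -> int:
    """Validity limit (days) in force on the issuance date."""
    return next(days for start, days in SCHEDULE if issued >= start)

def renewals_per_year(limit_days: int, renew_at: float = 2 / 3) -> int:
    """Rotations per year when renewing at a fraction of the lifetime (assumed policy)."""
    return math.ceil(365 / (limit_days * renew_at))

def audit(inventory: list, today: date) -> list:
    """Flag lifetime and algorithm problems, soonest expiry first."""
    limit_now = max_validity(today)
    findings = []
    for cert in inventory:
        lifetime = (cert["not_after"] - cert["not_before"]).days
        findings.append({
            "host": cert["host"],
            "days_left": (cert["not_after"] - today).days,
            "over_limit_at_issuance": lifetime > max_validity(cert["not_before"]),
            "must_shorten_on_renewal": lifetime > limit_now,
            "quantum_vulnerable": cert["key_alg"] in QUANTUM_VULNERABLE,
        })
    return sorted(findings, key=lambda f: f["days_left"])

def _cert(host, issued, days, alg):
    return {"host": host, "not_before": issued,
            "not_after": issued + timedelta(days=days), "key_alg": alg}

# Constructed sample inventory (hypothetical hosts, not real certificates).
INVENTORY = [
    _cert("www.example.test", date(2025, 11, 1), 397, "RSA"),
    _cert("api.example.test", date(2026, 3, 16), 365, "ECDSA"),
    _cert("vpn.example.test", date(2026, 3, 16), 199, "ML-DSA-65"),
]

if __name__ == "__main__":
    for finding in audit(INVENTORY, date(2026, 3, 16)):
        print(finding)
```

In practice the inventory rows would come from parsed certificates or a CT log export rather than a hand-built list.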

The Bottom Line

The 200-day TLS certificate limit isn’t just a compliance checkbox. It’s the opening move in a much larger transition toward quantum-resistant infrastructure. Organizations that invest in automation and crypto agility now will find themselves far better positioned when PQC migration deadlines arrive. Those that don’t will be scrambling — and their encrypted data may already be in the wrong hands.

The clock started yesterday. The question is whether you’re building the infrastructure to keep up.