In January 2026, Hostpoint decided not to offer any new paid SSL certificates for external hosting on account of an industry-wide change to the maximum validity period for SSL certificates. In this article, we explain what this change means for Hostpoint customers.
Reason for this decision
In April 2025, the CA/Browser Forum – a consortium of certification authorities and vendors of web browsers – decided to gradually reduce the validity period of public SSL certificates.
As of January 2026, the maximum validity period for such certificates is 398 days, i.e. around 13 months. Following the CA/B Forum’s decision, the validity period will be reduced as follows:
- As of March 15, 2026: max. 200 days
- As of March 15, 2027: max. 100 days
- As of March 15, 2029: max. 47 days
This change means that SSL certificates will have to be reissued much more frequently in the future. This is not a problem for customers whose websites are hosted by Hostpoint, as the certificates will simply be automatically generated and installed.
With certificates for external hosting, however, a certificate signing request (CSR) is required each time. This must be generated by the customer through the hosting provider and submitted manually with each renewal. Hostpoint then generates the certificate, which the customer must reinstall with their hosting provider. With a future term of 47 days, this would significantly increase the administrative effort.
Impact on Hostpoint customers
Customers with a paid certificate and external hosting
Customers who use a paid SSL certificate from Hostpoint for external hosting will be notified by e-mail. Their certificates will not be renewed after the current validity period expires.
These customers have two options:
- Migrate their website to Hostpoint: Customers who move their website to Hostpoint will benefit from a modern, fully automated SSL solution. They can use our free migration service for this.
- Leave their website with their current provider: Customers who do not want to move their website should contact their current hosting provider, who should be able to offer an automated SSL solution.
Customers with a paid certificate and internal hosting
Customers with a paid certificate and Hostpoint web hosting do not need to do anything. However, the CA/B Forum’s decision will result in two changes:
- The term of the contract concluded with Hostpoint will no longer necessarily correspond to the certificate validity period. The certificate will be automatically renewed upon expiry as long as the contract is valid. Customers will not be adversely affected, as certificates will continue to be renewed automatically.
- For organization validation (Business SSL) and extended validation (Business EV SSL) certificates, the company information will still be validated annually. However, this date will now be independent of the certificate renewal date.
Customers with FreeSSL certificates
FreeSSL certificates are already valid for just three months. The maximum term will also be reduced to 47 days by 2029.
No action is needed for internal web hosting, as the certificates will be automatically renewed and installed. Customers with external hosting can continue to generate and download the certificates themselves from the Hostpoint Control Panel.
For support requests please use this form instead.
