Automate certificate renewal and replacement
Annual plans
As of February 24, 2026, DigiCert TLS/SSL certificate plans are one year by default. Learn more about DigiCert annual plans.
Important
As of February 24, 2026, all public TLS/SSL certificates have a maximum validity of 199 days. Automated renewal is essential to maintain continuous certificate coverage without manual intervention at each renewal cycle.
Automation profiles can renew and replace certificates before expiration. Automated renewal and replacement reduce manual intervention and help prevent service disruptions caused by expired, revoked, or missing certificates.
Renewal and replacement automation applies to certificates associated with an automation profile. When enabled, CertCentral renews and installs certificates according to the lifecycle rules defined in the certificate profile and automation configuration.
During the certificate order process, you have an Auto-Renew option that allows you to automatically renew the certificate 30 days before it expires. You can update this setting after we issue the certificate. To do so, open the order's Order # details pane and slect (or clear) Auto-Renew for the certificate order.