DigiCert: Important Policy Updates We would like to inform you that DigiCert will be implementing the following important updates:
1.Domain Validation Reusability Period Shortened
Effective Date: February 24, 2026 According to CA/Browser Forum Ballot SC081v3, effective February 25, 2026, the certificate validity period will be shortened to 199 days. The reusability period for domain validation will be reduced from 397 days to 199 days. Adjusted Validity:
If a previously completed domain validation has exceeded 199 days, partners must complete the domain validation process again.
This requirement applies to certificate reissue and renewal.
Failure to complete revalidation in a timely manner may result in delays in certificate issuance.
2. Supplementary Notice Regarding "DigiCert DNSSEC & MPIC Domain Validation Updates"
Following the announcement "DigiCert DNSSEC & MPIC Domain Validation Updates" released on February 4, 2026, please note that the DNSSEC verification requirement has been postponed to March 3, 2026. DNSSEC verification (if enabled) effective date: March 3, 2026, 17:00 UTC. If your domain has DNSSEC enabled, DigiCert will perform DNSSEC verification during Domain Control Validation (DCV) and Certificate Authority Authorization Check (CAA). Important Note:
DNSSEC is an optional feature and is not required for domain verification or certificate issuance. It is configured by your DNS service provider.
If your domain does not have DNSSEC enabled, no action is required, and certificate issuance will proceed as normal.
For domains with DNSSEC enabled:
DigiCert's DNS resolver will verify the DNSSEC signature during the certificate issuance process.
If verification fails, certificate issuance may be blocked.
To avoid impacting business operations, ensure that DNSSEC is configured correctly and be prepared to troubleshoot and resolve any potential issuance issues after this change takes effect.
