"It's about making sure that, if a certificate gets into someone else's hands, it's not in someone else's hands for five years"
As of the first of September companies cannot buy a TLS certificate that lasts for longer than 398 days in a move designed to protect users from compromised certificates.
formatting link