Duration of SSL certificates uploaded to the board

Do certificates uploaded via the WiFiNINA certificate updater tool last indefinitely?

I plan to offer a product with an Arduino (MKR WiFi 1010) embedded into it, to customers. The product should be able to connect securely to a website/domain. Is it enough to upload this before it is delivered to the customer/production and there will be no need to update this later on the device?
I assume that the domain it will connect to will not change.

As far as I understand, it is only the server side (domain/website) that needs to have it's certificates updated if they expire? The certificate on the client will remain the same?

Although the question is regarding MRK WiFi 1010, I guess this question is relevant for other boards as well.

Thanks.