Home/Blog/Liferay / DXP
Liferay / DXP

The end of Liferay Community Edition: what the unified 2026 model changes for your platform — and how to preserve its value

With the 2026.Q1 release, Liferay unifies CE and DXP into a single, key-activated platform. An operating-model change, not just another version bump, that touches organization, risk and platform upkeep. What to anticipate.

BT
Boubker Tagnaouti
Associate Director · June 15, 2026 · 7 min read
The end of Liferay Community Edition: what the unified 2026 model changes for your platform — and how to preserve its value

For over twenty years, organizations using Liferay lived with a clear line. On one side the Community Edition, free and keyless, that you installed and ran for years. On the other Liferay DXP, the enterprise edition, on subscription. That line has just disappeared.

With the 2026.Q1 release, Liferay moved to a single, modular platform: one product, one download, whose capabilities are now unlocked by an activation key. The Community Edition as we knew it no longer exists. In its place, a Free Tier: the same platform core as the enterprise edition, unlocked by a free key.

Many teams read this shift as just another version upgrade. That reading is risky. It is not one more technical evolution but an operating-model change: it touches organization, risk and update management. And, ultimately, the value of everything you have built on Liferay.

This article takes stock of what really changes, and of the questions to ask before the first key reaches its expiry.

What changes, and why

The principle is simple to state: everyone now runs the same Liferay DXP. What distinguishes you from an enterprise subscriber is no longer the installed product, but the key you deploy on it.

For a former CE user, three changes reshape day-to-day operations. First, an activation key becomes mandatory: where CE asked for nothing, the Free Tier requires a free key, obtained from the Liferay Marketplace. It is valid for twelve months, renewable at will, and tied to a domain (or to localhost for development); clustering remains possible up to three nodes sharing the same database, with no additional key. Second, a quarterly cadence: the Free Tier gives access to the first version of each quarterly release, four major deliveries a year, with new features, fixes and security updates. Third, a path to enterprise without migration: if your needs evolve, moving to an Enterprise subscription is no longer a migration project but a simple key swap, on an identical environment.

Why this choice? Maintaining two distinct distributions was expensive for the vendor and fragmented the ecosystem. By unifying, Liferay reduces that fragmentation, keeps a single codebase (hence a single quality and security line), paces its deliveries on a predictable quarterly cycle, lowers its maintenance cost, and removes the CE-to-DXP migration cliff that discouraged subscription upgrades. This is not an opportunistic commercial decision but an industrial one. A choice that nonetheless shifts part of the operational responsibility onto the user. That is where your preparation matters.

From “install and forget” to a managed lifecycle

The CE model tolerated inertia: an installed platform could sit for years with no administrative concern. That time is over. The Free Tier introduces a lifecycle to manage, with a key that expires, a domain to maintain and version eligibility to track. Concretely, a responsibility must be named. Who tracks key expiry? Who decides when to move to the quarterly release? Without this clear ownership, the risk is not theoretical: a key not renewed in time, and normal platform operation can be interrupted.

The quarterly cadence is in fact a strength, provided you make it a discipline. Four predictable appointments a year let you plan platform upkeep instead of enduring it. The opposite trap is well known: letting the backlog build up. Every quarter not applied moves the platform further from the current version, increases the step to clear, and brings closer the moment when “updating” becomes a project of its own. Technical debt is paid back with interest. The real question is therefore not whether to update, but how to industrialize the version upgrade: staging environments, regression tests on customizations, Client Extensions management, cutover plan. This is where tooled support makes the difference between a platform that ages and a platform that stays alive.

The real issue: security and obsolescence

This is the most underestimated point, and the most important for an organization subject to security requirements, the public sector first and foremost.

The Free Tier’s eligibility scope is bounded. For each quarter, eligibility starts at the .0 release and runs until the patch designated as stable. Once that version is declared, later patches in the quarter are no longer eligible for the Free Tier: intermediate fixes, including ongoing security fixes, remain reserved for the Enterprise subscription. For an exposed platform, this creates a potential exposure window: if a critical vulnerability appears mid-quarter, a Free Tier user must wait for the next quarterly delivery, or move to a subscription.

To this are added capabilities outside the free scope, often non-negotiable in a regulated environment: strong authentication and federation (MFA, SAML), audit and compliance frameworks, advanced search tuning, graphical workflow designer, vendor support and native integrations. In the Free Tier, security is self-managed. It is an architectural fact to factor in from the framing stage, not a surprise to discover in an audit.

A quieter risk completes the picture: functional obsolescence. Several historic building blocks are moving to a maintenance status. The traditional CMS (Web Content, Blogs, Documents & Media, Knowledge Base) shifts to the new Liferay CMS, Message Boards are deprecated in favor of the Questions widget, and the migration to Jakarta EE commits you to a technical trajectory. A platform frozen on end-of-life components becomes, year after year, a candidate for decommissioning.

Turning the constraint into an opportunity

The great promise of the 2026 model is investment portability. You start on the same platform you will grow on; moving to enterprise destroys nothing, it is a key change. What you build today is no longer condemned to be redone tomorrow. This portability is only real under three conditions: stay up to date, anticipate the modernization of end-of-life components, and govern the lifecycle. Securing the investment is not only about not breaking the existing system; it is about keeping all options open, whether staying on the Free Tier, moving up to Enterprise the day compliance requires it, or activating new capabilities, without ever being cornered into rebuilding everything.

Here a genuine strategic reversal comes into play. The unified 2026 platform is not a rebranded CE: it is a foundation that becomes composable, headless and open to AI. The Objects-oriented CMS becomes the main content model, with API delivery (REST, GraphQL) designed for decoupled architectures, while Client Extensions and a low-code approach broaden the extension possibilities. This unified platform is also the foundation on which Liferay now builds its new capabilities, notably AI Hub, its AI-agent orchestration block, model-agnostic and backed by the existing security framework (offered today as a separate SaaS product).

The message for a decision-maker is simple. A frozen CE platform looks, to an investment committee, like an asset to decommission. The same platform, kept up to date and governed, becomes a foundation ready for AI and composable architecture, an asset to reinvest in. The choice between decommissioning and capitalizing is not decided by the product, but by preparation.

Where to start

A few questions are enough to place your platform:

  • Do you know your key’s expiry date, or don’t you have one yet?
  • What is the version gap between your current platform and the current release?
  • Does your foundation rely on end-of-life components?
  • Is your security posture compatible with the self-managed model, or do your requirements (MFA, SAML, audit) call for enterprise?
  • Do you have an architecture target (headless, composable, AI) toward which to converge the platform?

If some of these answers are missing, that is not a problem: it is exactly the starting point of a framing exercise.

At Beorn, a Liferay partner, we support organizations that want to secure the upkeep of their platform in this new model, without giving in to either haste or inertia. It starts with a situation audit (version, keys, deprecated components, security posture, technical debt), continues with a roadmap that industrializes version upgrades and modernizes end-of-life building blocks, and takes shape as secured upkeep: lifecycle governance, security watch, key-expiry management. The goal stays the same: leveraging composable, headless and AI to turn a threatened asset into a foundation for the future. Our approach is true to the way we work, transparent about maturity gaps, pragmatic about priorities, and focused on long-term value.

Before talking migration or subscription, we prefer to answer a simpler question: how do you preserve the value of your platform for the next five years?

A project in mind?

Our teams frame your roadmap and secure every step. Let’s talk.

Discuss your project →
Read next

On the same topic

All articles →
Liferay / DXP

Generalist LLMs hit their limits: lessons from building a Liferay-expert AI agent

June 29, 202610 min
Architecture

Agility in the age of AI: when production speed is no longer the problem

July 6, 20266 min
AI & agents

From market watch to response file: how agentic AI transformed our handling of tenders

June 22, 20265 min