Shorter certificate lifespans – Is your organization ready for the transition?

There have been indications that Google and other major browser vendors aim to significantly shorten the validity period of digital certificates, from the current 398 days down to 90 days. Apple has now taken it a step further by submitting a draft proposal to reduce the validity period of these certificates to as little as 45 days by 2027, with the goal of enhancing security. If this proposal is approved, it will bring significant changes in how organizations manage their certificates, increasing the need for automated certificate management.

However, it is essential to point out that this is still only a proposal that must be approved before it can take effect. Nevertheless, the proposal clearly signals the industry’s trend toward increasingly shorter certificate validity periods. We should also remember that companies like Google and Apple can already choose to implement a shorter maximum validity period for certificates in their browsers, even without this specific proposal’s approval.

Why Are We Being Pushed Toward Shorter Validity Periods?
Shorter validity periods reduce the risk posed by a compromised certificate, as an attacker has less time to exploit it. A shorter certificate lifespan also promotes better standards for certificate management by encouraging automated processes, which in turn minimizes manual errors. Mismanagement of certificate renewals can lead to downtime and data breaches, putting sensitive information at risk.

Is Your Organization Ready for Shorter Certificate Lifespans?
To answer this question, you should start by understanding what the change means for your organization. Apple’s proposal to shorten certificate validity to 45 days reflects a clear trend in cybersecurity: shorter-lived certificates increase security by limiting the time a compromised certificate can be used by an attacker. Under current standards, SSL/TLS certificates have a maximum lifespan of 398 days, but Apple’s proposal represents a drastic reduction to just 45 days. This is expected to become the norm by 2027, which would mean renewing certificates more than eight times a year.

We understand that having to renew SSL/TLS certificates every 45 days might sound overwhelming, especially if you are an organization with large, complex IT environments where hundreds of certificates are in use. This change implies not only a significant increase in administrative tasks but also a greater risk of operational interruptions, security gaps, and errors in handling.

With shorter certificate validity periods, there would be an increased burden on your IT team, particularly if you currently manage renewals manually. If the proposal is implemented, automated solutions for certificate management will become a necessity to meet the requirements without overloading your resources.

Automated Certificate Management
To effectively meet these new requirements, automation is the answer. With automated certificate management solutions, your organization can handle the increased renewal frequency without losing control or risking errors.

Automated management allows you to:

  • Enhance security: Automation minimizes human error and ensures that your servers and websites always have valid certificates, preventing downtime.
  • Increase operational efficiency: Automating certificate issuance and renewal lets your IT staff focus on other critical tasks, reducing manual workload.
  • Scale effortlessly: Automation is infinitely scalable, enabling organizations to expand without adding additional staff.
  • Adapt to changing validity periods: Automated management makes it simple to handle changes in certificate validity periods.
  • Secure all certificates on a centralized platform: This simplifies management and improves visibility, especially in environments with numerous certificates.

While the proposed change is still in the future, it is wise to start planning ahead and preparing; transitioning from manual to automated management can take time and resources. Automated certificate management is no longer a “nice-to-have”—it is a necessity for all organizations.

For more detailed information, you can read Sectigo’s post here!