From Years to Days: Preparing For The Future of TLS Certificates

Public TLS certificates have been reducing in lifetime over the past decade. What was once a three, or even five year certificate is now valid for little over a year. The next major step will be far more dramatic: certificate lifetimes are set to reduce to just 47 days by 2029, with the first reductions beginning in 2026.

For cloud, product, and security teams, this is not just an incremental policy change — it will fundamentally reshape how certificates are managed, deployed, and renewed across internal and external services. Manual processes will no longer be sustainable, and automation will become a compliance necessity.