Digital Certificate Lifespans to Fall to 47 Days by 2029
Technology industry players have voted to reduce the maximum validity term of SSL/TLS certificates to 47 days by 2029, in a bid to enhance digital security.
The CA/Browser Forum ballot result will impact all businesses with a website, meaning they must replace their public TLS certificates more frequently than the current maximum of 398 days. On March 15 2026, the TLS certificate lifespan will shrink to 200 days, then a year after that to 100 days. On March 15 2029, it will drop to 47 days.
Shortening the lifespan of digital certificates in this way reduces the amount of time a threat actor has to take advantage of a compromised certificate.
According to certificate authority (CA) Sectigo, the move could also help to spur greater adoption of automation in the certificate management and renewal sector, reducing manual error and embedding best practice into more organizations.
Read more on digital certificates: CIOs Raise the Alarm Over TLS Cert Security Risks
The CA argued that it might also spur crypto agility by accelerating the adoption of stronger algorithms and ensuring compliance with evolving security standards. That will stand organizations in better stead as they prepare for the transition to quantum-safe algorithms.
“The industry’s unified support for reducing certificate lifespans to 47 days reflects a shared commitment to enhancing digital security and trust for all,” said Tim Callan, chief compliance officer at Sectigo and vice-chair of the CA/Browser Forum.
“This pivotal and positive advancement for our industry underscores the importance of agility and proactive risk management in today’s threat landscape while preparing for the risks of the quantum era.”
However, experts have argued in the past that many organizations will need to adopt machine identity automation tools to manage these risks – especially as the number of such ‘identities’ continues to explode thanks to digital transformation.
The CA/Browser Forum is a voluntary group of CAs, browser vendors and major technology companies like Google and Apple.
