Source URL: https://www.theregister.com/2025/04/14/ssl_tls_certificates/
Source: The Register
Title: New SSL/TLS cert to live no longer than 47 days by 2029
Feedly Summary: IT admins, get ready to grumble
CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to just 47 days by March 15, 2029.…
AI Summary and Description: Yes
Summary: The CA/Browser Forum’s decision to limit the maximum lifespan of new SSL/TLS certificates to 47 days will significantly impact IT administration practices, requiring more frequent certificate renewal. The change reflects a trend towards tighter security measures.
Detailed Description: The CA/Browser Forum’s decision reflects changing practice in web security and certificate management. The key points and implications are:
– **Reduced Lifespan of Certificates**: Starting March 15, 2029, newly issued SSL/TLS certificates will have a maximum validity period of just 47 days. This is a substantial reduction from the current industry norm of up to two years.
– **Impact on IT Administrators**: IT teams will need to adapt to a more frequent renewal cycle, which increases operational overhead and administrative burden. The move is likely to make certificate renewal harder to manage, especially for organizations with a large number of domains or services.
– **Enhanced Security Protocols**: The decision highlights a shift towards more stringent security protocols in an environment that increasingly prioritizes the protection of sensitive data. Shorter certificate lifespans can reduce the window of exposure in the event of certificate compromise.
– **Compliance and Governance Considerations**: Organizations will need to adjust their compliance strategies related to certificate management. This includes ensuring they have the necessary infrastructure and automation in place to renew certificates more frequently without service disruption.
– **Broader Implications for Information Security**: This shift underscores the continuous evolution of best practices in information security, especially in how authentication and encryption are managed in a digital landscape rife with threats.
Overall, the CA/Browser Forum’s decision serves as a catalyst for businesses to rethink their certificate management strategies, emphasizing the necessity for robust processes that align with security, compliance, and operational efficiency in the face of changing standards.