← Back to Blog
May 30, 2026By Elena Rostova, Infrastructure Lead

Navigating the Future of SSL/TLS: Preparing for Shorter Certificate Lifecycles

The Shift to Shorter Cert Lifecycles

In an effort to improve security posture and rapidly mitigate compromised keys, browser vendors (led by Google and Apple) are pushing to reduce maximum SSL/TLS certificate lifespans from 397 days down to 90 days or fewer.

Why the Change?

  • Key Rotation Speed: Forces organizations to rotate keys frequently, reducing the window of vulnerability if a private key is leaked.
  • Shorter Certificate Revocation Lists: Minimizes the overhead required to track revoked certs.
  • Agility: Establishes automated rotation as the standard operational practice.
  • How to Prepare

    Manual tracking via calendar reminders or Excel sheets will fail. If you manage hundreds of client domains, you must adopt ACME (Automated Certificate Management Environment)