SSL/TLS certificate lifespans reduced to 47 days by 2029

The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029. The CA/Browser Forum is a group of certificate authorities (CAs) and software vendors, including browser developers, working together to establish and maintain security standards for digital certificates used in Internet communications. Its members include major CAs like DigiCert and GlobalSign, as well as browser vendors such as Google, Apple, Mozilla, and Microsoft. Earlier this year, Apple proposed a motion to reduce certificate lifespans, which Sectigo, the Google Chrome team, and Mozilla endorsed. This proposal would gradually reduce the lifespan of certificates over the next four years from its current 398-day lifespan to 47 days in March 2029. The goal is to minimize risks from outdated certificate data, deprecated cryptographic algorithms, and prolonged exposure to compromised credentials. It also encoura ... Read full article.