135

TLS Certificate Lifetimes Will Officially Reduce to 47 Days (in 2029) (www.digicert.com)

submitted 1 month ago by [email protected] to c/[email protected]

35 comments fedilink hide all child comments

From today until March 15, 2026, the maximum lifetime for a TLS certificate is 398 days.

As of March 15, 2026, the maximum lifetime for a TLS certificate will be 200 days.

As of March 15, 2027, the maximum lifetime for a TLS certificate will be 100 days.

As of March 15, 2029, the maximum lifetime for a TLS certificate will be 47 days.

What's everyone's opinion on this? I think from a security standpoint their reasoning is valid and in many cases it's very easy to automate the renewal with ACME or something else. But there's likely gonna be legacy stuff still around in 2029 that won't be easy to automate.

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 2 points 1 month ago

Digicert is such a shitty CA.

[-] [email protected] 6 points 1 month ago

Oh, I agree. This change will affect all CAs however. And their post seemed to contain the most amount of information.

[-] [email protected] 1 points 1 month ago

I just had to get it out of my system.

[-] [email protected] 2 points 1 month ago

"You can't use Let's encrypt in production!"

Me using let's encrypt for almost everything

this post was submitted on 15 Apr 2025

135 points (97.9% liked)

Sysadmin

9444 readers

7 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 2 years ago

MODERATORS

[email protected]