What are SSL/TLS certificate lifetimes?

Validity window from notBefore to notAfter. Browsers reject outside it. Shrinking to limit key compromise damage.

Why 47 days specifically for certs?

CA/B Forum Ballot SC-081v3 phases it in by 2029. Fixes broken revocation — CRL/OCSP fail in wild.

How do I automate 47-day cert renewals?

Use ACME clients: Certbot, acme.sh. Cron every 30 days. Kubernetes? cert-manager. Free via Let's Encrypt.

47-Day SSL/TLS Certificates: Security Win or Automation Mandate?

Your server's SSL/TLS certificates? They're about to live just 47 days. A data-driven look at why lifetimes keep shrinking—and if it's genius or just pain.

theAIcatchup Apr 11, 2026 4 min read

Timeline graph of shrinking SSL/TLS certificate validity periods from 10 years to 47 days

⚡ Key Takeaways

SSL/TLS lifetimes shrink to 47 days by 2029 to fix broken revocation. 𝕏
Automation is non-negotiable—manual renewals will kill you. 𝕏
Browsers dictate; CAs and devs follow or fade. 𝕏

Published by

theAIcatchup

Community-driven. Code-first.

#CA/Browser Forum #Let's Encrypt #PKI revocation #SSL/TLS certificates #certificate lifetimes #certificate revocation

Worth sharing?

Get the best Open Source stories of the week in your inbox — no noise, no spam.

Originally reported by Dev.to

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

React Server Components' Perfect-Score RCE Flaw Exposes Millions of Apps

Anthropic's One-Line Fumble Leaks Billions in Code

74% of Breaches Exploit Open Linux Servers—Ansible Hardens Them in Minutes

Mythos Unearthed 27-Year-Old Zero-Days—Scan Yours Now

Stay in the loop