90-day (and even 45-day) maximum TLS validity may not be official yet, but proposals are being actively discussed. When browsers do enforce shorter TLS certificates – whether with CA/B Forum approval or without – the changeover will impact all public-facing certificates. With this change, manual approaches to TLS certificate management will become even more unsustainable than they already are.
To help you prepare, we partnered with Ryan Hurst, a former Microsoft and Google Security leader, to create this guide. Through firsthand insights gleaned from his illustrious three-decade career, you’ll learn:
- Why the transition to 90-day TLS certificates is happening
- A timeline of decreasing certificate lifespans – and when we can expect shorter TLS validity to go into effect
- Specific reasons browsers can enforce this change (even without CA/B Forum approval)
- 4 steps to prepare for a shorter TLS certificate standard
