90-Day certificates are coming, it's time to automate!
Organizations that are still taking a manual approach to digital certificate management have heightened risk of outages, breaches, and increased costs.
With the upcoming changes to SSL/TLS certificate validity periods, automate certificate lifecycle management and experience full peace of mind with Sectigo Certificate Manager.
SSL/TLS certificate lifespans are getting shorter
In 2020, the maximum term for a public SSL/TLS certificates dropped to 398 days. Now the largest browsers are advocating for even shorter digital certificate lifespans in the future.
- On March 3, 2023, Google's "Moving Forward, Together" roadmap laid out its intention to further reduce TLS certificate maximum validity from 398 to 90 days.
- On Oct 9, 2024, Apple introduced a draft ballot for public feedback on GitHub, seeking to gradually reduce the maximum term for public TLS certificates to 45 days by 2027.
If this ballot passes, this is what the reality could look like for businesses renewing their public TLS certificates:
Manual certificate management is overwhelming.
Manual certificate management is already difficult and tedious. With 45-day TLS, it will become impossible.
Shorter certificate lifespans are an imminent reality that organizations must plan for with urgency. Now is the time to take proactive steps in certificate management. Avoiding last-minute scrambles when enforcement dates are announced by Google or Apple. Don’t wait, be prepared.
Challenges you might face if you manually manage your digital certificates:
Complexity
Managing multiple validations and configurations is time-consuming.
Risk
Forgotten certificates can lead to security breaches and outages.
Inefficiency
Manual processes are prone to errors and delays
Certificate outages impact everyone
Around 81% of companies have experienced a certificate-related outage in the past two years. Certificate outages happen when digital certificates expire or become invalid, causing security and operational issues. Certificate Lifecycle Management (CLM) prevents this by ensuring certificates are always up-to-date.
By automating CLM, Sectigo helps organizations prevent certificate outages, ensuring business continuity, security, and customer trust.
What happens if no action is taken
When a certificate expire and is not renewed on time it will trigger a browser warning informing users that their connection is no longer private, causing them to leave assuming (rightly so) that the site is unsafe.
These warnings not only drive customers away but also damage a business's reputation. Many users never return after encountering such issues, leading to long-term revenue loss. The financial impact can be severe, with businesses losing both immediate sales and future revenue as customer trust deteriorates.
But this is just the tip of the iceberg. A missed certificate renewal can also lead to outages, data breaches, service disruptions, and costly non-compliance fines.
It’s time to automate. Here’s your path forward:
Carry out a full SSL/TLS certificate discovery for an inventory of both internal and external certificates.
Compile a comprehensive list of vendor technologies that require those certificates to function.
Identify the relevant automation protocols for each technology in your inventory.
Build out an effective 90-day deployment and implementation plan.
Ensure long-term security and agility for continuous cryptographic readiness.
45-day survival guide
Let's put an end to manual certificate management. The time to prepare for 45-day lifespan certificate is now. Download your free 45-day survival guide and ensure your organization preparedness.
