6-Day and IP Address Certificates Are Generally Available
4 months ago
- #SSL Certificates
- #Let’s Encrypt
- #Cybersecurity
- Let’s Encrypt now offers short-lived and IP address certificates, valid for 160 hours (about six days).
- Short-lived certificates enhance security by reducing the vulnerability window from key exposure, as they expire faster than traditional 90-day certificates.
- Subscribers can opt-in for short-lived certificates by selecting the 'shortlived' profile in their ACME client, though they remain optional and not the default.
- Let’s Encrypt plans to reduce default certificate lifetimes from 90 days to 45 days in the coming years.
- IP address certificates authenticate TLS connections to IP addresses (IPv4/IPv6) and must be short-lived due to the transient nature of IP addresses.
- The development of these certificates was supported by the Open Technology Fund, Sovereign Tech Agency, and other sponsors.