Decreasing Certificate Lifetimes to 45 Days
9 days ago
- #SSL Certificates
- #Let’s Encrypt
- #Web Security
- Let’s Encrypt will reduce certificate validity from 90 to 45 days by 2028.
- Authorization reuse period will decrease from 30 days to 7 hours by 2028.
- Changes align with CA/Browser Forum Baseline Requirements for improved security.
- ACME Profiles will allow users to control when changes take effect.
- Staging environment updates will precede production by one month.
- ACME Renewal Information (ARI) recommended for timely renewals.
- Systems should monitor for renewal failures with shorter certificate lifespans.
- DNS-PERSIST-01, a new validation method, expected in 2026 for easier automation.
- Subscribe to Let’s Encrypt’s technical updates mailing list for future announcements.