TLS certificates are what enable HTTPS (the "S" in "HTTPS") and secure communication over the internet, encrypting data between your browser and a website, or between servers.

Essentially, Certificate Authorities (CAs) – the organizations that issue these certificates – will no longer be allowed to issue certificates with validity periods longer than 47 days.

• Currently (until March 14, 2026): Max 398 days.
• From March 15, 2026: Max 200 days.
• From March 15, 2027: Max 100 days.
• From March 15, 2029: The final reduction to a maximum of 47 days. This is the "official" and ultimate reduction being discussed.

If you are still manually renewing TLS certificates every year, it's time to look into automating certificate renewals, as you don't want to renew them eight times a year.

"Automate the renewal process to save time"

Certificate authorities like DigiCert will reduce their prices to reflect the more frequent purchasing that will now be required.

Maybe in future the certificate role mannager is available?

New Job opportunity 20XX: Certificate Manager..... Just for fun 😂