Apple Proposes Drastic Cut to SSL Certificate Lifespan: 45 Days by 2027
The digital certificate lifecycle is evolving, with Apple proposing to reduce SSL/TLS certificate lifespans to 45 days by 2027, down from the current 398 days. This change aims to enhance security by limiting the exploitation window for compromised certificates.
Key Timeline for Certificate Lifespan Reduction:
- September 15, 2025: 200-day lifespan with 20-day early renewal window
- September 16, 2026: 100-day lifespan with 10-day early renewal window
- September 2027: 45-day lifespan with reduced DCV reuse period (10 days)
Certificate validity periods bar chart
Security Benefits:
- Reduced window for certificate compromise
- Enhanced compliance and security agility
- Faster response to security threats
Challenges:
- Increased operational burden on IT teams
- Legacy system compatibility issues
- Resource constraints for small businesses
- Manual renewal process limitations
Book cover: 90-Day Survival Guide
Preparation Strategies:
-
,[object Object],
- Implement automated certificate management
- Audit current systems
- Evaluate infrastructure compatibility
-
,[object Object],
- Upgrade to automated Certificate Lifecycle Management (CLM) solutions
- Ensure ACME protocol support
- Develop scalable certificate management processes
Man in blue business headshot
Organizations must prioritize automation to manage shorter certificate lifespans effectively. This transition requires careful planning and infrastructure updates to ensure seamless certificate management and prevent potential security risks or outages.
Related Articles
Essential Security Tips for Protecting Your IOTA Holdings
