SSL/TLS Certificate Lifespan Slashed to 47 Days by 2029: Security Overhaul Ahead

April 14, 2025
  • Failure to adapt to the new requirements could result in service disruptions, compliance issues, and weakened security measures for organizations.

  • On April 11, 2025, the CA/Browser Forum voted overwhelmingly to reduce the maximum lifespan of SSL/TLS certificates from 398 days to just 47 days by March 15, 2029, marking a significant advancement in digital security.

  • Apple was a key proponent of this change, arguing that shorter certificate lifetimes improve reliability and reduce risks associated with outdated validation.

  • The approval process involved extensive discussions among certificate authorities and browser vendors, highlighting a consensus towards prioritizing security over convenience.

  • Automation is emphasized as essential for managing the new shorter certificate lifetimes, with services like DigiCert's Trust Lifecycle Manager providing solutions for easier management and renewal.

  • To enhance security, the CA/Browser Forum is also reducing the validity period for identification documents required for certificate issuance from over a year to just ten days.

  • Research indicates that with longer-lived certificates, certificate ownership and domain control can fall out of sync, which can lead to potential security exploits.

  • The new rules are expected to encourage companies and developers to automate the renewal and rotation of TLS certificates, reducing the risk of expired certificates.

  • This shift towards shorter certificate lifespans reflects a broader movement in the industry towards prioritizing security, recognizing that convenience cannot compromise digital trust.

  • Apple's proposal for shorter certificate lifetimes, initially suggested in late 2024, garnered support from other CA/Browser Forum members, including Google and Mozilla.

  • The changes aim to promote better security practices in the digital landscape, responding to ongoing concerns over trust and verification in digital certificates.

  • The vote passed with 29 votes in favor and none opposed, while five certificate authorities abstained, indicating some mixed feelings about the necessity of such restrictive terms.

Summary based on 6 sources



Sources



SSL/TLS certificate lifespans reduced to 47 days by 2029

TLS Certificate Lifetimes Will Officially Reduce to 47 Days

DigiCert • Apr 14, 2025
