Shorter TLS cycles: Automated certificate management becomes mandatory

Author
Natacha Suter
Published
01. June 2026


Digital certificates form the backbone of a secure digital infrastructure. They verify the authenticity of devices, websites and organisations, and are what makes secure connections in our interconnected world possible in the first place. New requirements from the CA/Browser Forum are now drastically shortening the validity period of TLS certificates. For companies, this means increased complexity, growing cyber risks and pressure to act. This article explains what this paradigm shift means for certificate management, which deadlines will apply in future and what they mean in practice.

The end of long TLS certificate validity periods

Until now, TLS (Transport Layer Security) certificates were often valid for over a year. This gave IT teams enough time for manual renewal processes. But now this era is coming to an end. The CA/Browser Forum (CA/B), the body that sets the global standards for certificates, has officially voted to gradually and drastically shorten the validity period of TLS certificates.

The timetable for this change has already been set:

  • Until March 2026: The maximum validity period is still 398 days.

  • From March 2026: Reduction to 200 days.

  • From March 2027: Reduction to 100 days.

  • From March 2029: The maximum validity period will only be 47 days.

Why shorter TLS validity periods are necessary

The drastic reduction in certificate validity periods addresses a real and growing problem: many companies today have limited visibility of their certificate landscape and often react only when a certificate expires or an incident occurs. In complex IT environments with hundreds or thousands of certificates, this regularly leads to failures, security gaps or compliance problems.

The longer a certificate is valid, the greater the risk of compromised or outdated cryptographic procedures remaining in use unnoticed. At the same time, the speed at which new threats and requirements emerge is constantly increasing.

This is precisely where the shortening of validity periods comes in. It is forcing companies to modernize their processes and switch from reactive, manual approaches to automated and controlled procedures.

Shorter validity periods therefore bring clear advantages:

  • Increased security: compromised certificates can be misused for much less time

  • Faster responsiveness: companies have to implement new standards and algorithms more quickly

  • Preparation for post-quantum cryptography: crypto-agility becomes mandatory

Especially in view of future threats from quantum computing, it will be crucial to be able to exchange cryptographic procedures quickly.

Certificate Lifecycle Management (CLM): automation is mandatory

For companies, this means a significant increase in administrative effort. If a certificate is only valid for 47 days, the renewal process has to run every few weeks without errors. Manual administration, which is already error-prone with hundreds or even thousands of certificates, becomes a heightened risk of failure at this pace.

Unplanned certificate processes lead to:

  • Service downtimes: websites and applications are no longer accessible.

  • Security gaps: Unprotected data transfers and compliance breaches.

  • IT team overload: employees are diverted from strategic projects due to repetitive routine tasks.

In short: without automation, certificate management becomes an operational risk.
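To make the timetable and the renewal cadence concrete, the following added example (not part of the original article and not DigiCert or InfoGuard code) audits a constructed certificate inventory against the validity caps listed above and estimates how many renewals per certificate each cap implies. The cut-over day (the 15th of March), the renew-at-two-thirds policy and all host names are assumptions.

```python
from datetime import date, timedelta

# Validity caps by issuance date, from the article's timetable. The article
# gives only the month; the 15th as cut-over day is an assumption.
SCHEDULE = [(date(2029, 3, 15), 47), (date(2027, 3, 15), 100),
            (date(2026, 3, 15), 200), (date.min, 398)]

def max_validity_days(issued: date) -> int:
    """Cap (in days) for a certificate issued on `issued`."""
    return next(cap for effective, cap in SCHEDULE if issued >= effective)

def renew_after_days(lifetime: int, fraction: float = 2 / 3) -> int:
    """Hypothetical policy: renew once `fraction` of the lifetime has elapsed."""
    return int(lifetime * fraction)

def audit(cert: dict, today: date) -> dict:
    """Check one inventory record against its cap and plan the renewal."""
    lifetime = (cert["not_after"] - cert["not_before"]).days
    renew_on = cert["not_before"] + timedelta(days=renew_after_days(lifetime))
    return {
        "host": cert["host"],
        "lifetime_days": lifetime,
        "over_cap": lifetime > max_validity_days(cert["not_before"]),
        "renew_on": renew_on,
        "overdue": today >= renew_on,
        # Cap the replacement will be subject to when it is issued.
        "next_cap_days": max_validity_days(max(renew_on, today)),
    }

def renewals_per_year(cap_days: int) -> int:
    """Renewals per certificate per year at the given cap (rounded up)."""
    return -(-365 // renew_after_days(cap_days))

# Constructed sample inventory (hosts and dates are illustrative).
INVENTORY = [
    {"host": "portal.example.test", "not_before": date(2026, 1, 10),
     "not_after": date(2027, 2, 11)},   # issued before the first cut-over
    {"host": "api.example.test", "not_before": date(2026, 4, 1),
     "not_after": date(2027, 5, 3)},    # same lifetime, issued after it
]

if __name__ == "__main__":
    for cert in INVENTORY:
        print(audit(cert, today=date(2026, 6, 1)))
    for cap in (398, 200, 100, 47):
        print(f"{cap}-day cap: {renewals_per_year(cap)} renewals/year")
```

The two sample records have the same lifetime, but only the one issued after the first cut-over exceeds its cap, and the replacement for the older certificate already falls under the 200-day limit.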

DigiCert as a leader in certificate management

This is precisely where modern solutions for Certificate Lifecycle Management (CLM) come in. We rely on our partner DigiCert to effectively meet the challenge of ever shorter certificate lifecycles.

DigiCert is a global leader in digital trust, securing people, data and devices with AI-powered solutions to stop threats and enable a quantum-secure future. More than 100,000 organizations, including 90% of the Fortune 500, trust DigiCert to secure their digital infrastructure and prepare for future threats.

Why DigiCert?

  • Complete transparency: Centralized overview of all certificates through CA-agnostic discovery, continuous monitoring and real-time alerts - for full control over the entire certificate landscape.

  • Automation: End-to-end automation of the entire certificate lifecycle - reduces errors and prevents failures.

  • Scalability: Seamless integration into multi-cloud and hybrid environments as well as existing IT and DevOps processes.

  • Security & control: Enforcement of guidelines, clear auditability and early detection of risks.

  • Future-proof: PQC-ready (post-quantum cryptography) and flexibly adaptable to new standards and requirements.

Practical example - certificate management at the touch of a button

A practical example from DigiCert in the Swiss healthcare sector shows just how great the effect of automation can be. In a complex infrastructure with over 10,000 certificates, certificate management used to be largely manual. Today, the entire environment is monitored by just one person.

Where previously manual intervention was required, the company now uses the DigiCert API.

  • Over 450 internal application endpoints have been successfully configured for automatic enrollment.

  • The process now also runs fully automatically for internal web servers.

  • Best of all, no training was required for the server administrators, as the existing workflows became more efficient in the background.

By switching to the containerized DigiCert ONE platform, the company is not only ready for the cloud (Azure migration), but also for the coming era of post-quantum cryptography (PQC). The platform makes it possible to react quickly to new cryptographic standards without having to rebuild the entire infrastructure.

InfoGuard & DigiCert - a partnership for your CLM

With DigiCert, InfoGuard is relying on one of the world's leading providers in the field of digital trust. In the latest IDC MarketScape "Worldwide Certificate Lifecycle Management Software 2026 Vendor Assessment", DigiCert was once again positioned as a leader.

Together with DigiCert, our experts will support you in transforming your certificate management sustainably.

Your benefits:

  • Analysis of existing certificates and processes

  • Introduction of automated CLM solutions

  • Integration into existing IT and security architectures

  • Preparation for future requirements such as PQC

In this way, you create the basis for a certificate infrastructure that not only functions reliably today, but can also be operated securely, scalably and efficiently in the long term.

Find out more about DigiCert's Trust Lifecycle Manager or talk to our experts about your CLM strategy.


Image caption: Image generated with AI
