90-day (and even 45-day) maximum TLS validity may not be official yet, but proposals are being actively discussed. When browsers do enforce shorter TLS certificates – whether with CA/B Forum approval or without – the changeover will impact all public-facing certificates. With this change, manual approaches to TLS certificate management will become even more unsustainable than they already are.  

To help you prepare, we partnered with Ryan Hurst, a former Microsoft and Google Security leader, to create this guide. Through firsthand insights gleaned from his illustrious three-decade career, you’ll learn:  

• Why the transition to 90-day TLS certificates is happening 
• A timeline of decreasing certificate lifespans – and when we can expect shorter TLS validity to go into effect 
• Specific reasons browsers can enforce this change (even without CA/B Forum approval) 
• 4 steps to prepare for a shorter TLS certificate standard