47-Day Certificate Readiness: Public TLS Discovery Scan Solution Brief
47-day TLS certificate lifecycles will go into effect in 2029. Manual CLM is no longer feasible. CyberArk offers a free scan to help you prepare.
In April 2025, the CA/Browser Forum approved a plan to shorten the maximum validity of publicly trusted certificates to just 47 days. Enforcement begins in 2026 with 200-day certificates and tightens progressively until 47-day certificates become mandatory by 2029.
This shift increases renewal volume by 8-12x, overwhelming manual workflows and fragmented ownership models. The CyberArk 47-Day Readiness Discovery Scan is a rapid, no-cost way to assess your public TLS certificate landscape and prepare for the 47-day TLS certificate shift.
