Apple Cuts Max TLS Certificate Lifetime to 47 Days: Automation is Key
2025-04-15
Apple is gradually reducing the maximum lifetime of TLS certificates to 47 days, a move aimed at enhancing security and driving the adoption of automated certificate lifecycle management. This change stems from the CA/B Forum's years-long trend of shortening certificate lifetimes and the unreliability of existing certificate revocation systems (CRLs and OCSP). While the change becomes fully effective on March 15, 2029, Apple anticipates that shorter certificate lifetimes will necessitate the use of automation, mitigating service disruptions caused by expired or revoked certificates. Certificate authorities like DigiCert offer various automation solutions to help organizations adapt to this change.
Read more