TLS证书目前最长为200天,到2029年可减至47天,以加强安全和部队自动化管理。 TLS certificates now last max 200 days, cutting down to 47 days by 2029 to boost security and force automated management.

2026年3月15日, 公众信任的TLS证书的最大使用寿命从398天减少到200天, 标志着计划工业向到2029年缩短有效期至47天转变的第一阶段。 On March 15, 2026, the maximum lifespan of publicly trusted TLS certificates was reduced from 398 to 200 days, marking the first phase of a planned industry shift to shorten validity periods to 47 days by 2029. 经CA/Browser论坛批准,该变革旨在通过更快地应对不断变化的威胁,包括来自AI的威胁,并确保证书反映目前的组织身份,改善数字安全。 Approved by the CA/Browser Forum, the change aims to improve digital security by enabling faster response to evolving threats, including those from AI, and ensuring certificates reflect current organizational identities. 寿命越短,延长频率越高,人工跟踪就变得无效,要求自动证书生命周期管理系统防止停机并保持合规。 Shorter lifespans increase renewal frequency, making manual tracking ineffective and requiring automated certificate lifecycle management systems to prevent outages and maintain compliance. 早期采用这类工具的回报率相当可观,一项研究报告说,ROI的回报率为312%,节省了大量劳动力,同时也为各组织准备了迎接后分子加密等未来挑战的准备。 Early adoption of such tools has shown significant returns, with one study reporting a 312% ROI and substantial labor savings, while also preparing organizations for future challenges like post-quantum cryptography.