Certificate Lifecycle Management

47-day certificates are coming. Is your team ready?

As of March 2026, TLS certificate lifetimes drop to 200 days — and keep shrinking. The organisations that prepare now won’t be scrambling later.

March 2026

Max TLS lifetime drops to 200 days

In effect now

March 2027

100 days – renewals double in frequency

Less than 12 months away

March 2029

47 days – manual renewal impossible at scale

Act now

The problem — why this matters

8×  more renewals by 2029
“Going from 398-day to 47-day lifetimes multiplies renewal work 8-fold. Most teams are not ready for this.”

73%  of certificate outages are preventable
“They happen because no one had a complete, live view of what was about to expire.”

1 person  holds the knowledge
“In most organisations, certificate knowledge lives in one person’s head or one spreadsheet — a single point of failure.”

Digital trust

How it works — three steps from chaos to full control

1. Discover everything
“We map your entire certificate estate. What you have, where it lives, when it expires. Most organisations find certificates they did not know existed.”

2. Get clear insight
“One view of every certificate, owner, and expiry date. No spreadsheets, no guesswork — just a clear picture of where you stand.”

3. Automate the rest
“Renewals happen automatically before certificates expire. No manual tracking, no last-minute scrambles, no outages.”

Interested in early access?

BlueX is AET Europe’s certificate lifecycle management platform, currently in development — built to give your team full visibility and automated control over every certificate in your environment.

Talk to our team

Learn more

Frequently Asked Questions

Whether you’re seeking technical support or general information, explore our FAQs to find the solutions you need. If you can’t find the answer you’re looking for, feel free to reach out to our team for further assistance.

What happens when a certificate expires?
Browsers and systems immediately stop trusting it — there is no gradual degradation. Services show security warnings, APIs refuse connections, and applications break without warning.
Why are certificate lifetimes getting shorter?
The CA/Browser Forum, backed by Apple, Google, Microsoft and Mozilla, has mandated shorter lifetimes to reduce the risk of compromised certificates being exploited. As of March 2026, the maximum is 200 days. By 2029 it will be 47 days.
What changes on March 15, 2026?
Newly issued public TLS certificates may be valid for a maximum of 200 days. This drops to 100 days in March 2027, and 47 days in March 2029.
What is BlueX?
BlueX is AET Europe's certificate lifecycle management platform, currently in development. It is designed to give organisations full visibility and automated control over their certificate estate.
How can AET Europe help us prepare?
Our specialists can review your current certificate setup, assess your exposure to the 2026 deadline, and advise on the right approach for your organisation. Get in touch to start the conversation.
Visit our knowledge center
Contact our support

Not sure where to start? Let’s talk.

Our specialists can review your current certificate setup, walk you through what the 2026 changes mean for your organisation, and show you what AET Europe is building to help.