The CA/Browser Forum’s recent unanimous vote to reduce maximum public TLS certificate validity to just 47 days by March 2029 marks a seismic shift in the digital security landscape. This new standard isn’t a proposal—it’s an approved policy. And every organization that issues or relies on public TLS certificates must begin preparations today.

Because it’s no longer about watching Apple’s early lead in reducing lifespans but following an industry-wide mandate. Security leaders should read this as the call to act now, as this sweeping change will facilitate efforts to increase crypto agility, reduce potential attack windows and drive automation on an unprecedented scale.

But what does this momentous decision mean for your organization, specifically? And more importantly, how can you prepare for what’s ahead? Today, we’re breaking down the implications, the CA/B Forum’s new phased timeline and why automation isn’t just helpful but essential.

‍