IBM Highlights Shift to 47-Day Certificates

IBM explains the ways in which enterprises can be ready to experience shorter lifecycles of SSL/TLS by making use of automation.

Reconfiguring the entire standards of SSL/TLS will inevitably transform the way businesses are conducted with regard to digital trust, which will result in a new emphasis on automation and resilience, as proposed at IBM. Within the new timeline established in the industry, the maximum green time of a public certificate will have to decrease to only 47 days by March 2029, thus compelling organizations to reconsider conventional security practices.

According to IBM, the certificate validity will be decreasing in phases, starting with 2026 with 200 days and 2027 with 100 days, before it is finally decreasing to 47 days. This constrained cycle makes certificate rotation an ongoing process, which puts pressure on the DevOps and platform engineering staffs already taking care of tens of thousands of certificates per hybrid and cloud environment.

According to industry statistics mentioned by IBM, most of the enterprises continue to use manual tracking systems, which cannot be expanded according to the new model. Lapsed certificates have already resulted in outages of large enterprises, indicating operational risks of fragmented processes.

IBM focuses on automated certificate lifecycle management as the only sustainable solution to this dilemma. Real-time discovery, monitoring, infusion of risk, and smooth rotation of certificates across distributed systems are facilitated by automation, which minimizes downtime and human error.

The enterprise of at least being able to centralize its governance but remain agile is also mentioned in IBM with reference to modern integrations like IBM Concert and HashiCorp Vault. The shorter the duration of certificate life, the earlier an action may be recommended by IBM on behalf of technology leaders to maintain reliability in services, security posture, and customer trust.