These pages are produced and maintained by the ITS CSOL Certificates Team. If you have any questions, please send an email to

Certificate Lifespan to move to a 47-day lifecycle in 2029.

Even before that date, the lifecycle period shortens:

March 15, 2026: Maximum certificate lifespan reduced to 200 days
March 15, 2027: Further reduction to 100 days
March 15, 2029: Final enforcement of the 47-day maximum lifespan

AUTOMATION is a MUST!! The digital certificates team is here to help!

NO ONE should be replacing certificates manually, you should have this happening automatically. You should have tools that will monitor certificates expiration dates - there are plenty of internal tools to help us with that.. and if you host is externally available, there are plenty of internet based tools to help monitor this!

What is a Digital Certificate?

In the broadest terms, a digital certificate is block of cryptographic text that is used in many functions such as securing data transport or ensuring the identity or authenticity of sender or provider of information. Digital Certificates come a variety of types and formats to support various functions.

Certificate Type	Description / Explanation

Certificate Type

Description / Explanation

SSL or Secure Socket Layer and TLS (Transport Layer Security) certificates come in a private and public key pair. With this combination of keys, a web browser (client) that connects to a server can:

Authenticate the identity of the server (a website, a domain name, server name or host name)
Encrypts the data in transit between client and server.

In web browsers, an established encrypted/secure connection will present as a padlock in the URL bar of the browser along with starting string of "https://".

Renewing Certificates

Looking to renew a certificate or update an existing one to extend it or make changes? Take a look here.

Client Certificates or Digital IDs are used to identify one user to another, a user to a machine, or a machine to another machine. One common example is digitally signing emails, where the sender digitally signs the communication, and the recipient verifies the signature. Client certificates authenticates the sender and the recipient.

Client certificates also take the form of two-factor authentication when the user needs to access a protected database or arrives at the gateway to a payment portal, where they’ll be expected to enter their passwords and be subjected to further verification.

Code Signing Certificates are used to digitally sign software or files that are downloaded over the internet. The files are signed by the developer/publisher of the software. Their purpose is to guarantee that the software or file is genuine and comes from the publisher it claims to belong. They’re especially useful for publishers who distribute their software for download through third-party sites. Code signing certificates also act as a proof that the file hasn’t been tampered with since download.

Information, Knowledge, and Technical Articles
What to know more? Want to get into the specifics of certificates, cryptography, and security? This section is the library or knowledge base of information.

Page Index