Short-lived = 6 days. Even if you reissue after 2 or 3 days, that's… not a lot of breathing roo...

eqvinox • yesterday at 8:08 PM • 2 replies • view on HN

Short-lived = 6 days. Even if you reissue after 2 or 3 days, that's… not a lot of breathing room.

Replies

You have to opt in, and they are honest about the tradeoffs when discussing them:

> Short-lived certificates are opt-in and we have no plan to make them the default at this time. Subscribers that have fully automated their renewal process should be able to switch to short-lived certificates easily if they wish, but we understand that not everyone is in that position and generally comfortable with this significantly shorter lifetime. We hope that over time everyone moves to automated solutions and we can demonstrate that short-lived certificates work well.

https://letsencrypt.org/2026/01/15/6day-and-ip-general-avail...

➕ show 2 replies

bakies • yesterday at 8:13 PM

3-4 days is a ton of breathing room

alt Hacker News

Replies