The CA/Browser Forum has officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates.
I have mine check daily, which is the default and is recommended. It only actually updates when it’s close to renewal, so I never need to care how short the renewal period is.
I have mine check daily, which is the default and is recommended. It only actually updates when it’s close to renewal, so I never need to care how short the renewal period is.