TL;DR: Shortened certificate renewal cycles, especially the shift to 47-day validity, are turning certificate management into a high-pressure operational risk for IT and security teams, according to GlobalSign. The broader lesson is that automation is now a governance control, not just an efficiency upgrade.
NHIMG editorial — based on content published by GlobalSign: certificate automation, IT stress, and the pressure of shorter renewal cycles
By the numbers:
- The Umstellung auf die Erneuerung von Zertifikaten nach nur noch 47 Tagen has turned an already complex task into a near-impossible one for many teams.
Questions worth separating out
Q: How should security teams manage certificates when manual renewal no longer scales?
A: Security teams should treat certificate management as a governed lifecycle process, not a ticket-driven admin task.
Q: Why do shorter certificate lifetimes create more operational risk?
A: Shorter lifetimes compress the time teams have to discover, approve, renew, and validate trust without interruption.
Q: What breaks when certificate lifecycle management is still manual?
A: Manual certificate management breaks at the point where expiry, ownership, and renewal do not line up.
Practitioner guidance
- Automate certificate renewal end to end Replace spreadsheet-based tracking with policy-driven renewal workflows that discover expiring certificates, validate ownership, and deploy replacements before expiry.
- Inventory all certificate-bearing systems Build a complete map of certificates across applications, load balancers, APIs, CI/CD pipelines, and embedded services.
- Tie certificate renewal to non-human identity governance Treat certificates as machine credentials alongside API keys, tokens, and service accounts.
What's in the full article
GlobalSign's full article covers the operational detail this post intentionally leaves for the source:
- The article expands on the human impact of certificate operations, including stress, burnout, and after-hours response patterns.
- It explains the move to 47-day renewal cycles in the context of compliance pressure and changing standards.
- It outlines how automation changes visibility, consistency, and agility in certificate management.
- It connects certificate handling to broader organisational resilience rather than treating it as a narrow admin task.
👉 Read GlobalSign's analysis of certificate automation and IT stress →
Certificate automation and the governance gap teams are still carrying?
Explore further
Certificate lifecycle debt is now an identity governance problem. The article shows how shortening renewal windows converts certificates from a routine maintenance item into a standing operational risk. In an environment where machine credentials are already numerous and distributed, unmanaged certificate lifecycles create the same governance failure pattern seen in broader non-human identity sprawl. The programme implication is clear: lifecycle discipline has to cover every machine credential, not only human access.
A question worth separating out:
Q: Who should be accountable for certificate lifecycle governance?
A: Accountability should sit with the service or platform owner, with security and infrastructure teams setting policy and oversight. If responsibility is shared without being named, renewal failures become everyone’s problem and no one’s obligation, which is exactly how short-lifetime certificates create outages and audit gaps.
👉 Read our full editorial: Certificate automation is easing IT stress and reducing outage risk