Certificate lifecycle automation is becoming an IAM priority

TL;DR: FY26 closed with the largest fourth-quarter ARR and more than 100% bookings attainment, while also expanding certificate lifecycle automation, DNS integration, and zero trust email security, according to DigiCert. The signal for practitioners is that trust infrastructure is now operational identity work, not just cryptography management.

NHIMG editorial — based on content published by DigiCert: DigiCert ONE fuels record ARR in breakout fourth quarter, building momentum for continued growth

By the numbers:

• DigiCert reported more than 100% attainment on topline bookings targets.

Questions worth separating out

Q: How should teams govern certificate lifecycle automation at enterprise scale?

A: Treat certificate lifecycle automation as an identity and reliability control, not a backend convenience.

Q: Why do shortening certificate lifespans increase IAM and operations risk?

A: Shorter lifespans reduce the margin for manual intervention, so every missed renewal becomes a possible outage or trust failure.

Q: What should organisations do when PKI and DNS are managed together?

A: They should review change control, access boundaries, and rollback procedures as a single trust workflow.

Practitioner guidance

• Map certificate ownership to business services Create a service-level inventory that links each certificate to an application owner, renewal window, issuing system, and rollback path so no certificate exists outside an accountable lifecycle.
• Review DNS and PKI change boundaries together Assess whether shared automation has blurred separation of duties, approval flow, or emergency change procedures across DNS and certificate management.
• Treat domain authentication as part of IAM policy Align email domain authentication, phishing-resistant controls, and workflow approvals so sender trust is evaluated alongside user and service identity risk.

What's in the full analysis

DigiCert's full report covers the operational detail this post intentionally leaves for the source:

• Quarter-by-quarter financial performance and ARR context behind the FY26 result.
• Specific platform integrations and product additions across certificate and trust lifecycle management.
• Details of the Valimail acquisition and how the combined trust stack is positioned in the market.
• Customer, partner, and analyst references that explain the commercial narrative around the update.

👉 Read DigiCert's FY26 update on DigiCert ONE, ARR growth, and trust automation →

Certificate lifecycle automation is becoming an IAM priority?

Explore further

View Full Forum →  |  NHI Foundation Course →