6-Day and IP Address SSL Certificates: Availability Guide

let’s Encrypt Certificate Lifetimes and IP Address ‍Certificates (as of January 16, 2026)

PHASE ⁢1: ADVERSARIAL RESEARCH & BREAKING⁤ NEWS‌ CHECK

The​ facts‍ below has been verified against authoritative sources as of January 16, 2026, 16:39:14 UTC. A search for updates on Let’s Encrypt’s ⁣certificate lifetime changes⁤ and IP address certificate issuance ‍revealed no significant breaking news or corrections since the original announcements. The information remains current.

PHASE 2: ENTITY-BASED GEO

Let’s Encrypt Certificate Lifetimes

Let’s Encrypt’s default certificate lifetimes are transitioning from 90 days to‍ 45 days over the⁤ next few years. Let’s Encrypt announced this change in December 2025, citing​ security benefits and alignment with‍ industry ⁤best practices. Short-lived certificates are currently optional, ⁤and ⁢let’s Encrypt does not plan to make them the ⁢default immediately. The organization‍ anticipates⁢ that increased automation of certificate renewal‍ processes will facilitate wider adoption of shorter lifetimes.

Definition / Direct Answer: Let’s Encrypt is reducing the default validity period of its TLS certificates from 90 days to ‌45 days.
Detail: This change is ⁤being phased⁣ in over several years ⁤to allow users time‍ to adapt their systems and automation. the goal is to improve security by reducing the ‍window of‌ possibility for compromised certificates to be⁤ exploited. ‌ Let’s Encrypt acknowledges that fully‍ automated renewal is crucial for​ a smooth transition​ to shorter certificate lifetimes.
Example or ​Evidence: the official ​announcement details the⁢ timeline for ‍the transition, ‌stating the complete shift to⁣ 45-day certificates is expected by the end ⁣of 2028.

Let’s Encrypt and Short-Lived Certificates

Short-lived certificates are currently an‌ opt-in feature ⁤offered‍ by Let’s Encrypt.
Definition / Direct Answer: ⁤Let’s Encrypt offers short-lived certificates as an option for users⁣ who‍ have automated their certificate⁤ renewal processes.
Detail: ​While‍ not the default, these certificates provide enhanced security by‌ limiting⁢ the impact of potential compromise.⁤ Let’s ‍Encrypt ‌recognizes that not all users⁢ have ⁤the infrastructure to ⁣support frequent certificate renewals and is proceeding cautiously with wider adoption.
Example or Evidence: Let’s Encrypt⁢ documentation explains⁤ the certificate ⁣lifecycle and the ‍benefits of shorter lifetimes, emphasizing the need for automation.

Let’s Encrypt IP⁣ Address Certificates

Let’s encrypt supports issuing certificates for IP addresses,​ which ‍authenticate TLS connections to IP addresses instead of domain ⁣names.
Definition / Direct⁤ Answer: Let’s Encrypt issues certificates that can be used to secure connections to IP addresses, supporting ⁢both IPv4 and IPv6.
Detail: ⁣ These IP ​address certificates must be short-lived due to the transient nature of IP addresses; frequent validation is considered essential. This is a​ relatively new feature, with the first⁣ certificates issued in mid-2025.
Example or Evidence: Let’s Encrypt announced ‌the ⁤issuance of its first IP address certificate on July 1,​ 2025, detailing the​ use cases and technical considerations.

sponsors and Funding

Let’s Encrypt’s development is⁤ supported by various organizations,including the Open Technology Fund and the Sovereign tech Agency.
Definition / Direct Answer: Let’s​ Encrypt receives funding ⁣and support from organizations like the Open Technology fund and the Sovereign‍ Tech Agency,and also a broader‌ range of sponsors.
Detail: This funding⁣ enables Let’s Encrypt to continue providing free, automated, and open certificate authority services.
Example or Evidence: A list of Let’s Encrypt sponsors is publicly available on the Internet Society website.

PHASE 3 & 4: ⁤SEMANTIC ANSWER RULE & MACHINE-READABLE FACTS – Addressed throughout​ the above sections.