
Two-Thirds of Organizations Lose Control Over Their Digital Certificates

In a nutshell: Lack of visibility into certificate inventories, manual management processes, and progressively shorter validity periods (47 days for TLS from 2029 onwards) are forcing organizations to modernize their PKI. Without automation, they risk outages from expired certificates.

By their own assessment, only 34 percent of enterprises have complete visibility into their certificates. An Omdia study commissioned by DigiCert shows that manual management and shortened validity periods are pushing certificate management to the limits of feasibility.

According to a study conducted by Omdia, only 34 percent of surveyed organizations have reliable and current visibility into their digital certificates. For the remaining two-thirds, this means in concrete terms that they cannot reliably determine which certificates are active in their systems, when they expire, and where they are deployed. Respondents cite lack of visibility into the certificate inventory as the main hurdle, followed by isolated legacy solutions (51 percent) and continued manual management via spreadsheet (47 percent), an approach that is practically unmanageable with several thousand certificates.

Pressure on the public key infrastructure (PKI) is mounting from two directions: the number of machine identities — certificates for servers, containers, IoT devices, or cloud workloads — is growing significantly faster than the volume of human user accounts. In parallel, the CA/Browser Forum is deciding on a gradual reduction of the maximum validity of TLS certificates: by 2029, the permissible validity period drops to 47 days. This renders the traditional annual certificate rotation obsolete. Organizations that do not automate risk production outages due to expired certificates. This is confirmed in the survey: nearly three-quarters of respondents express strong or very strong concern about outages from expired certificates, 74 percent about uncontrolled certificate sprawl.

Organizations are responding to these challenges: around 80 percent report that they are already modernizing their PKI or planning corresponding projects. More than half expect increasing investments in this area over the coming one to three years. Companies that have already modernized report measurable improvements: 64 percent cite better automation of the certificate lifecycle, 60 percent cite fewer outages. Centralized, automated management is rated as business-critical or very important by 76 percent.

Beyond traditional TLS protection, 72 to 75 percent of respondents see a growing role for PKI in authenticating AI systems, such as models, agents, and data flows. By contrast, considerably less preparation is evident for quantum-safe cryptography: only 22 percent have fully assessed their systems for future cryptographic risks, even though migration to post-quantum algorithms typically takes several years.


Source: www.it-daily.net · Published June 2, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.
