settings_icon Find risky public TLS certificates before the 47-day certificate renewal cycle catches up to you

Discovery Scan for Public TLS Certificates

Hero Image

Start Your Complimentary Certificates Scan


The CA/B Forum has approved a phased policy to shorten public TLS certificate lifespans—from 398 days today to just 47 days by March 2029. The first enforcement hits in March 2026, dropping the maximum validity to 200 days, and again in 2027 to 100 days. These changes compress renewal windows and raise the stakes for teams managing public certificates. This TLS certificate scan helps you get ahead—by identifying gaps in visibility and laying the groundwork for 47-day certificate lifecycles.

CyberArk's TLS Certificate Discovery Scan quickly reveals which public-facing certificates are expired, expiring soon, misconfigured, or non-compliant—so you can take action before it disrupts your business. You’ll be able to:

  • Get an inventory of your publicly trusted TLS certificates.
  • Identify TLS certificates nearing expiration to prevent unplanned outages.
  • Detect rogue, weak, or misconfigured TLS certificates before they trigger an outage.
  • Confirm certificates are issued by approved certificate authorities and align with your security policies..

No deployment required. Just sign up with your business email (we scan the domain tied to that email) and get a detailed report powered by CyberArk Certificate Manager.

It only takes minutes to start. Results can help guide your automation and compliance strategy.

Start Your TLS Certificate Scan

About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.