Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available starting in early 2026, addressing long-standing issues in certificate security.

Short-lived certificates last just 160 hours, about six and a half days, while IP-based ones tie directly to IP addresses instead of domain names. Users activate them by choosing the “short-lived” profile in their ACME client.

news

Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available starting in early 2026, addressing long-standing issues in certificate security.

Short-lived certificates last just 160 hours, about six and a half days, while IP-based ones tie directly to IP addresses instead of domain names. Users activate them by choosing the “short-lived” profile in their ACME client.