In healthcare, every second counts. From electronic health records (EHR) to patient portals and claims processing systems, secure digital communication is the backbone of delivering care and protecting sensitive patient information. That security relies on SSL/TLS certificates—and the rules governing them are about to change in a big way.
The CA/Browser Forum has approved a timeline to shorten SSL/TLS certificate validity to just 47 days by 2029, with the first reduction to 200 days starting in March 2026. For healthcare providers already struggling with certificate sprawl, outages, and manual renewals, this shift could multiply today’s problems sevenfold.
PacificSource, a not-for-profit health insurance provider in the Pacific Northwest of the United States, faced exactly these challenges—and their journey shows why preparing now is critical.
The Challenges of Manual Certificate Management
PacificSource’s IT team was stuck in a manual cycle:
- No centralized visibility into certificates across the environment
- Expirations tracked in personal calendars, leading to 3–4 outages a month
- No standardized issuance process, creating orphaned and undocumented certificates
- Certificate deployments that consumed entire workdays
In healthcare, outages are more than just an inconvenience—they disrupt patient access and create compliance risks. PacificSource realized that manual, ad-hoc certificate management was no longer sustainable.
Transforming Certificate Lifecycle Management with Automation
To move from firefighting to future-proofing, PacificSource adopted AppViewX AVX ONE CLM, an automated certificate lifecycle management platform. With end-to-end automation, centralized inventory, and policy enforcement, AVX ONE CLM transformed certificate management from a reactive burden into a proactive strength.
Since using AVX ONE CLM, the PacificSource team has already reported:
- Complete visibility into all certificates across their infrastructure
- End-to-end automation of renewals, issuance, and deployments
- Zero certificate-related outages (down from multiple to zero per month)
- Certificate deployment time cut from a full day to just 15 minutes
- 97% reduction in effort spent on certificate management
- Full audit readiness and compliance reporting
As certificate lifespans shrink, AVX ONE CLM ensures that renewals happen automatically, at scale, eliminating the risk of missed expirations and downtime.
How PacificSource Transformed Certificate Management with AppViewX
Why This Matters As 47-Day Mandates Loom Large
If yearly certificate renewals were a struggle, imagine doing it every 47 days. For an organization with 1,500 public and private trust certificates, that means going from 1,500 renewals per year to nearly 18,000 under the 47-day TLS mandate.
Manual processes won’t scale. Spreadsheets won’t cut it. Calendar reminders won’t prevent outages.
PacificSource’s decision to automate with AppViewX AVX ONE CLM didn’t just solve their immediate problems—it positioned them to thrive as certificate lifespans shrink. With policy-driven automation and centralized visibility, the IT team can handle short-lived certificates at scale without disruption, downtime, or compliance risk.
Future-Proofing Digital Trust in Healthcare
The move to 47-day TLS certificates is inevitable. The only question for all organizations across all industries is whether they will be ready. PacificSource’s journey demonstrates the value of acting early— replacing manual work with automation, eliminating outages, and building resilience into their security operations.
Download the full PacificSource case study to see how they transformed certificate management and prepared for the future of short-lived certificates with AppViewX AVX ONE CLM.