How can I get short-lived certificates?
Stay organized with collections
Save and categorize content based on your preferences.
Google Trust Services supports short-lived certificates.
You may request short-lived certificates by specifying the duration in your CSR
or by using an ACME client that supports the validity extension (e.g., passing
the --valid-to '+7d' flag in acme.sh). The value +7d may be changed to any integer
from 1 to 90.
ACME clients that support the validity period flag include: acme.sh,
cert-manager, lego and smallstep
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-04-27 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2026-04-27 UTC."],[],[]]
