The email above mentions - "If you’re requesting certificates from our tlsserver or shortlived profiles, you’ll begin to see certificates which come from the Generation Y hierarchy this week.This switch will also mark the opt-in general availability of short-lived certificates from Let’s Encrypt, including support for IP Addresses on certificates."
We are planning to switch to "tlsserver" profile temporarily to evaluate if there is any impact with the new changes to end TLS client authentication.
Can you help confirm if we switch to "tlsserver" profile now, would that change the certificate lifetime to 45 days beginning this week?
In another blog post it looks like the certificate lifetime is planned to be updated in May 2026 for "tlsserver" profile? - "May 13, 2026: Let’s Encrypt will switch our tlsserver ACME profile to issue 45-day certificates. This profile is opt-in and can be used by early adopters and for testing."
Let's Encrypt typically deploys to production on Thursdays, although other days aren't uncommon either. They generally do not publish exact times as that depends, but looking at historic data from my release monitor it's usually scattered around 1800Z. More invasive changes like this may be deployed outside the usual software upgrades, though, and could have a totally different timing.