The Quiet Crisis Inside Your PKI: How Smart Security Teams Are Rebuilding Cryptographic Posture Before It’s Too Late

In June 2024, Google announced that Chrome would stop trusting publicly issued TLS certificates from Entrust after October 31. Mozilla followed with its own distrust action a few months later. For enterprises with Entrust certificates scattered across their environments, and there were many, the next four months turned into a fire drill. The teams with mature certificate inventory tooling migrated surgically. The teams without one spent weeks just trying to figure out which of their certificates would actually stop working, and where they were running.

A version of that same scramble has played out every quarter since. A CA distrust action. A protocol deprecation. An expired internal certificate that turned out to be load-bearing for an application nobody remembered owning. A signing key rotation triggered by a vendor incident. The CrowdStrike-driven panic in July 2024 about how a single piece of trusted code can take an industry offline forced a parallel set of conversations about cryptographic trust, because the blast radius of a compromised or expired certificate is in the same neighborhood. None of these are exotic problems.

Every one of them traces back to the same root cause: a piece of cryptography the organization technically owned but did not actually see. If that sounds familiar, you are not alone. And if it does not sound familiar, that is somehow worse, because it almost certainly means it has happened to you and you have not noticed yet.

This is a piece about why public key infrastructure has become the single most under-managed layer in enterprise security, what cryptographic posture really means in 2026, and the very specific things mature security teams are doing to fix it. Along the way, we will cover where CertSecure Manager and CBOM Secure from Encryption Consulting fit, and how Encryption Consulting’s services arm helps customers go from “we think we have a list of certificates somewhere” to “we know what we have, where it lives, and what it would cost us if it failed.”

The Inconvenient Truth About Your Certificate Inventory

Here is a thought experiment. Pull up your current certificate inventory and count the entries. Now ask a junior engineer to spend two days running independent discovery scans across your network, your cloud accounts, your Kubernetes clusters, and the certificate transparency logs for your domains.

In almost every engagement Encryption Consulting runs, the second number is at least double the first. Sometimes it is five times the first. We have walked into financial services environments with three thousand certificates on the official spreadsheet and found north of fifteen thousand actually live in production.

Where do they come from? A developer who needed a quick TLS cert for an internal tool and used Let’s Encrypt because it was Friday afternoon. An acquisition that brought in its own certificate authority and never got fully integrated. A vendor’s appliance with a self-signed cert that auto-renews to itself. A SaaS integration that created a client cert during a proof-of-concept three years ago. A wildcard certificate that someone copied across forty servers because copying was easier than requesting a new one.

None of this is malicious. All of it is invisible. And all of it is your problem when something breaks or someone asks for an audit trail.

That gap between what you think you have and what you actually have is the single most important fact about cryptographic posture, and it is the place every serious security program has to start.

What Cryptographic Posture Actually Means

The term gets thrown around in vendor decks until it loses any specific shape. Strip away the marketing and cryptographic posture is just this: the security health of every cryptographic asset your organization depends on, taken as a whole.

That includes the obvious things, certificates and private keys. It also includes the algorithms behind them, the libraries that implement those algorithms, the key lengths in use, the protection methods for each key, the protocols that wrap the cryptography, and the audit trail showing who touched what and when. AES-256 protecting your data at rest does not save you if the master key is wrapped in a 1024-bit RSA key from 2009. The chain is exactly as strong as its weakest link, and most environments have a lot more weak links than anyone wants to admit.

A team with strong cryptographic posture can answer questions like these: which systems in our environment use SHA-1 today, which applications call a deprecated cryptographic library version, which long-lived data stores still rely on RSA-2048 instead of a quantum-resistant alternative. A team with weak posture can produce a confident-sounding answer to those questions and be wrong.

The difference between the two teams is not budget. It is whether they decided to take this seriously before the incident or after.

The Four Ghosts That Haunt Every PKI

Walk into any environment that has not invested in PKI monitoring and you will find the same four problems, dressed up in slightly different clothes.

The first is the expiration that nobody saw coming. A certificate buried somewhere unimportant suddenly turns out to be load-bearing for a critical workflow. The renewal task lived in someone’s head, that someone left two years ago, and now the entire team is on a video call at 3 AM trying to figure out who has the private key. PKI engineers know this story. CFOs learn it eventually. It still happens to household-name companies multiple times a year, and the public ones are only the small fraction of incidents that customers notice.

The second is the rogue certificate. Internal CAs are easy to set up. So is grabbing a free cert from a public issuer. So is a developer running OpenSSL to generate a self-signed cert for testing. None of these certs follow your policy on key length, validity period, or naming. None of them are in your inventory. Some of them are in production. A few of them are how attackers establish persistence, because issuing yourself a trusted credential is one of the cleanest ways to look like you belong on a network.

The third is cryptographic drift. Algorithms decay. SHA-1 went from “still in use” to “deprecated” in a public, predictable timeline, and it is still running on systems in production today. RSA-1024 is in the same place. RSA-2048 is heading there as quantum computing matures. If you are not actively monitoring for drift, you are running on whatever algorithm choices your team made the last time they touched the system, which could be a decade ago.

The fourth is the compliance gap that becomes a finding. PCI DSS 4.0, HIPAA, NIST CSF 2.0, NIS2, the EU Cyber Resilience Act, and an increasing list of frameworks all have specific requirements around cryptographic controls and evidence. Auditors are no longer satisfied with “we have a policy.” They want logs, inventories, and proof of continuous monitoring. Without that, your audit becomes a six-week scramble where the security team builds the evidence trail by hand. With it, the audit becomes a query.

These four ghosts share a single exorcism. Visibility. Continuous, automated, organization-wide visibility into what cryptography you actually have and what state it is in.

Why This Got Urgent in the Last 24 Months

Two industry shifts have turned PKI monitoring from a “we should probably get to that” project into a “we cannot defer this any longer” project. The first is the staged collapse of publicly trusted TLS certificate lifespans toward 47 days. The second is the migration to post-quantum cryptography. Both deserve their own deep-dive, because both reshape what cryptographic posture has to look like to be defensible.

The 47-Day Reckoning: What the CA/Browser Forum Vote Actually Means

In April 2025, the CA/Browser Forum approved Ballot SC-081v3, the most consequential change to publicly trusted TLS certificates in a decade. The headline number is 47 days. The detail underneath is a staged timeline, and each stage matters operationally.

The first milestone took effect on March 15, 2026. Maximum validity for new publicly trusted TLS certificates dropped from 398 days to 200 days, and the maximum reuse period for domain-control validation evidence dropped to 200 days alongside it. Most enterprises are living inside this regime right now.

The second milestone arrives on March 15, 2027. Maximum validity drops to 100 days and DCV reuse drops in lockstep. The third milestone arrives on March 15, 2029. Validity hits 47 days. DCV reuse drops to 10 days. That last number is the one that catches teams off guard. After early 2029, you cannot issue a one-year certificate. You cannot issue a quarter-long certificate. You cannot rely on a cached domain-control proof for more than a week and a half before you have to re-validate.

Run the math on what this does to operations. A team managing 5,000 public TLS certificates today, on a roughly annual renewal cadence, processes around 14 renewals per day. At the 100-day milestone in 2027, the same inventory pushes around 50 renewals per day. At the 47-day milestone in 2029, the same inventory generates close to 110 renewals per day, with DCV revalidation against most of them every ten days. No team scales linearly with that load. No team should try.
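The schedule and the renewal arithmetic above, as a small planning model. This is an added example, not code from CertSecure Manager or Encryption Consulting: the milestone dates, validity caps and DCV reuse limits are the ones stated in this section, while the pre-2026 DCV reuse value of 398 days and the sample inventory are assumptions. Besides the renewals-per-day figures, it flags certificates whose validity exceeds the cap in force on their issue date, which is a useful inventory check because a compliant public CA will not issue such a certificate, so finding one means an internal or misconfigured issuer produced it.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date

# Ballot SC-081v3 milestones as stated in the text:
# (effective date, max certificate validity in days, max DCV evidence reuse in days)
SC081_MILESTONES = [
    (date(2026, 3, 15), 200, 200),
    (date(2027, 3, 15), 100, 100),
    (date(2029, 3, 15), 47, 10),
]
PRE_SC081_MAX_VALIDITY = 398   # cap in force before the first milestone (stated in the text)
PRE_SC081_DCV_REUSE = 398      # assumption: pre-2026 DCV reuse matched the validity cap


def limits_in_effect(on: date) -> tuple[int, int]:
    """(max validity days, max DCV reuse days) that apply to a certificate issued on `on`."""
    validity, dcv = PRE_SC081_MAX_VALIDITY, PRE_SC081_DCV_REUSE
    for effective, max_validity, max_dcv in SC081_MILESTONES:
        if on >= effective:
            validity, dcv = max_validity, max_dcv
    return validity, dcv


def daily_renewals(cert_count: int, renewal_period_days: int) -> float:
    """Average renewals per day if every certificate is renewed once per period."""
    return round(cert_count / renewal_period_days, 1)


def renewal_table(cert_count: int) -> list[tuple[int, int, float, bool]]:
    """Per milestone: (year, validity cap, renewals/day at the cap, and whether every
    renewal needs fresh DCV because the cap is longer than the reuse window)."""
    return [
        (effective.year, cap, daily_renewals(cert_count, cap), cap > dcv)
        for effective, cap, dcv in SC081_MILESTONES
    ]


@dataclass
class Cert:
    subject: str
    not_before: date
    not_after: date


def over_limit(inventory: list[Cert]) -> list[str]:
    """Subjects whose validity period exceeds the cap in force on their issue date."""
    flagged = []
    for cert in inventory:
        validity_days = (cert.not_after - cert.not_before).days
        cap, _ = limits_in_effect(cert.not_before)
        if validity_days > cap:
            flagged.append(cert.subject)
    return flagged


# Constructed sample inventory; none of these are real certificates.
SAMPLE_INVENTORY = [
    Cert("www.example.test", date(2026, 4, 1), date(2026, 10, 1)),   # 183 days under a 200-day cap
    Cert("api.example.test", date(2027, 6, 1), date(2027, 12, 1)),   # 183 days under a 100-day cap
    Cert("mail.example.test", date(2029, 4, 1), date(2029, 5, 1)),   # 30 days under a 47-day cap
]

if __name__ == "__main__":
    print("annual cadence today:", daily_renewals(5000, 365), "renewals/day")
    for year, cap, per_day, fresh_dcv in renewal_table(5000):
        print(f"{year}: {cap}-day cap -> {per_day} renewals/day, fresh DCV on every renewal: {fresh_dcv}")
    print("over the cap at issuance:", over_limit(SAMPLE_INVENTORY))
```

The last column of the table is the operational point the 10-day DCV window makes: from 2029 the cached domain-control proof can no longer span one 47-day renewal cycle, so every renewal is also a validation.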

The 47-day timeline is, operationally, an automation mandate dressed up as a security rule. Manual renewal stops working long before 2029. ACME-based issuance, API-driven automation, and deep integrations with the systems that actually consume the certificates become the only realistic path. The teams that will struggle are the ones that wait until the volume forces their hand. The teams that will be fine are the ones that automated the renewal pipeline before they had to.

This is exactly the territory CertSecure Manager was built for. The platform automates issuance, renewal, and deployment through ACME, REST APIs, and direct integrations across load balancers, web servers, Kubernetes ingresses, mobile device management, and cloud certificate stores. It handles multi-CA environments, so a change in one public CA’s terms or a migration between issuers does not break the renewal pipeline.

It enforces policy at issuance, so a compressed validity window does not produce a backlog of non-compliant certificates. And the discovery engine surfaces every certificate in the environment, including the ones nobody currently has on their radar – which are precisely the certificates most likely to fail silently when the renewal window collapses from 398 days to 47.

For organizations that do not want to operate the renewal pipeline themselves, Encryption Consulting’s PKI-as-a-Service engagement takes the whole problem off the table. The team designs, builds, and runs the certificate operations on the customer’s behalf, including the CertSecure Manager deployment, the HSM integration, and day-to-day monitoring and renewal. For most enterprises, the combination of automation tooling and managed operations is what makes the 2029 milestone survivable without a meaningful increase in headcount.

The Post-Quantum Migration: Where to Actually Start

The second deadline reshaping cryptographic programs is post-quantum, and it gets harder to ignore each year. NIST finalized the first set of post-quantum standards in August 2024. FIPS 203 covers ML-KEM, the key-encapsulation mechanism formerly known as Kyber. FIPS 204 covers ML-DSA, the digital signature scheme formerly Dilithium. FIPS 205 covers SLH-DSA, the stateless hash-based signature scheme formerly SPHINCS+. NIST has additional standards in the pipeline, including FIPS 206 covering FN-DSA (Falcon), and selected HQC in March 2025 as a backup key-encapsulation mechanism in case any future issue is found with ML-KEM.

The driver behind these standards is the “harvest now, decrypt later” threat. A patient adversary captures encrypted traffic today and waits for a cryptographically relevant quantum computer to make decryption feasible. Any data with a confidentiality lifetime longer than five to ten years – intellectual property, strategic plans, healthcare records, financial models, classified government data – is already at risk. The fact that quantum computers cannot break RSA-2048 today is irrelevant. The data being captured today is the target. The clock has already started.

The U.S. National Security Agency’s Commercial National Security Algorithm Suite 2.0 puts concrete timelines on the migration for national security systems, and those timelines are reshaping commercial expectations too. Software and firmware signing should prefer post-quantum signatures by 2025 and use them exclusively by 2030. Web browsers, servers, and cloud services should prefer them by 2025 and use them exclusively by 2033. Operating systems should prefer them by 2027 and use them exclusively by 2033. Niche equipment by 2030 and 2033. Custom applications and legacy systems by 2033. All national security systems by 2035. Financial regulators, healthcare bodies, and EU equivalents are publishing parallel guidance that, while less explicit, lands in the same range.

The migration itself is not a flag flip. In practice, it looks like a six-step program. First, discover every cryptographic asset in the environment – not just certificates and keys, but the cryptographic libraries, protocol implementations, and dependencies underneath them. Second, classify those assets by quantum risk based on the confidentiality lifetime of the data they protect and the operational longevity of the system.

Third, prioritize the migration so that long-lived, high-value data is protected first and short-lived, low-impact systems can wait. Fourth, pilot hybrid implementations – certificates and key exchanges that combine a classical algorithm with a post-quantum one, so a break in either does not compromise the system. Fifth, validate the post-quantum implementations end to end across every library, protocol, and consumer in the chain. Sixth, migrate, monitor, and retire the classical components on a schedule.
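Steps two and three of the program above (classify by quantum risk, then prioritize) as a worked scoring model. This is an added example, not CBOM Secure’s scoring logic: the CRQC horizon, the migration allowance, the weights, the algorithm lists and the asset inventory are all assumptions, chosen to show the two inputs the text names, the confidentiality lifetime of the data and the operational longevity of the system.

```python
from __future__ import annotations
from dataclasses import dataclass

# Assumed planning parameters; adjust to your own threat model.
CRQC_HORIZON_YEARS = 10    # when a cryptographically relevant quantum computer is assumed possible
MIGRATION_YEARS = 3        # how long migrating one asset class realistically takes

# NIST PQC algorithms named in the text, plus symmetric and hash primitives at 256-bit strength.
QUANTUM_SAFE = {"AES-256", "AES-256-GCM", "SHA-256", "SHA-384", "SHA-512",
                "ML-KEM-768", "ML-KEM-1024", "ML-DSA-65", "ML-DSA-87", "SLH-DSA"}
# Public-key families broken by Shor's algorithm on a CRQC (matched by upper-cased prefix).
QUANTUM_VULNERABLE_PREFIXES = ("RSA", "ECDSA", "ECDH", "X25519", "ED25519", "DSA", "DH")


@dataclass
class Asset:
    name: str
    algorithm: str
    data_lifetime_years: int    # how long the protected data must stay confidential or trusted
    system_lifetime_years: int  # how long the system stays in service as built
    business_value: int         # 1 (low) .. 5 (high), assigned by the data owner


def is_quantum_vulnerable(algorithm: str) -> bool:
    if algorithm in QUANTUM_SAFE:
        return False
    return algorithm.upper().startswith(QUANTUM_VULNERABLE_PREFIXES)


def risk_score(asset: Asset) -> int:
    """0 means no quantum exposure. Otherwise business value scaled by how many years
    the protected data (harvest now, decrypt later) or the system itself outlives the
    CRQC horizon once migration time is accounted for."""
    if not is_quantum_vulnerable(asset.algorithm):
        return 0
    data_gap = asset.data_lifetime_years + MIGRATION_YEARS - CRQC_HORIZON_YEARS
    system_gap = asset.system_lifetime_years + MIGRATION_YEARS - CRQC_HORIZON_YEARS
    exposure_years = max(data_gap, system_gap, 0)
    # Vulnerable assets with no exposure past the horizon keep a baseline score,
    # so they are still queued, just last.
    return asset.business_value * (1 + exposure_years)


def migration_queue(assets: list[Asset]) -> list[tuple[str, int]]:
    """Assets that need migrating, most urgent first (ties broken by name)."""
    scored = [(a.name, risk_score(a)) for a in assets]
    return sorted(((n, s) for n, s in scored if s > 0), key=lambda t: (-t[1], t[0]))


# Constructed sample inventory.
SAMPLE_ASSETS = [
    Asset("hr-records-archive", "RSA-2048", data_lifetime_years=25, system_lifetime_years=5, business_value=5),
    Asset("build-artifact-signing", "RSA-3072", data_lifetime_years=10, system_lifetime_years=6, business_value=5),
    Asset("vpn-gateway", "ECDH-P256", data_lifetime_years=1, system_lifetime_years=8, business_value=4),
    Asset("internal-wiki-tls", "ECDSA-P256", data_lifetime_years=0, system_lifetime_years=3, business_value=1),
    Asset("log-archive-at-rest", "AES-256-GCM", data_lifetime_years=7, system_lifetime_years=5, business_value=3),
]

if __name__ == "__main__":
    for name, score in migration_queue(SAMPLE_ASSETS):
        print(f"{score:4d}  {name}")
```

Note that the queue ranks the archive of long-lived records above the VPN gateway even though the gateway is the busier system: the text’s ordering criterion is the lifetime of the data, not the traffic volume, because captured traffic whose secrets expire within a year is not a harvest-now-decrypt-later target.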

Step one is where almost every program stalls, because most organizations cannot produce a complete cryptographic inventory. This is what CBOM Secure exists for. The platform builds the Cryptography Bill of Materials by discovering every algorithm in use, every key with its length and protection method, every cryptographic library and version, every protocol implementation, and every certificate, then stitching all of it into a single queryable picture. The risk-scoring engine highlights deprecated algorithms and quantum-vulnerable cryptography. The quantum-readiness assessment maps the inventory against the NIST PQC standards and flags the systems that need to migrate first.

Once the detailed inventory exists, CertSecure Manager handles the certificate side of the migration. It supports the issuance and management of hybrid certificates that combine classical and post-quantum algorithms, integrates with HSMs that have started shipping post-quantum support, and provides policy controls that allow the security team to gradually require post-quantum algorithms for new issuance while phasing out classical-only certificates. CBOM Secure tells you what to migrate and in what order. CertSecure Manager handles the operational mechanics of getting there.

For organizations that need expert guidance through the multi-year sequencing, Encryption Consulting’s post-quantum migration advisory practice covers cryptographic discovery, risk-based prioritization, hybrid algorithm strategy, vendor and product compatibility analysis, and program management. The work is rarely glamorous. It is just the difference between hitting the 2030 software-signing milestone on schedule and explaining to a regulator why you missed it.

What Mature Programs Actually Do

The teams that get this right look unglamorous from the outside. They are not running cutting-edge AI on their cryptographic data. They are doing about eight specific things, consistently, over years.

They build a complete inventory before they do anything else. Discovery is the foundation everything else sits on, and an 80-percent inventory is functionally useless because the missing 20 percent is exactly where the next outage lives. Real discovery combines network scanning, agent-based collection, cloud provider APIs, CI/CD pipeline scanning, and certificate transparency log monitoring. You catch the certificates issued today and you catch the certificates issued by anyone, anywhere, against your domains.

They automate the certificate lifecycle. Manual renewal is the largest source of preventable PKI incidents in the industry. Automation through ACME, REST APIs, and direct integrations with the systems that consume the certificates removes the human bottleneck. The destination state is one where the system renews and deploys, validates the deployment worked, and only escalates to a human when something is genuinely wrong.

They enforce policy at issuance, not after. Policy enforcement after the fact is how you end up with a permanent backlog of non-compliant certificates that nobody has time to fix. Policy enforcement at issuance is how you stop creating those certificates in the first place.

They centralize key management in hardware-backed key stores: HSMs, cloud key vaults backed by hardware, and similar technologies. Quorum-based access for the most sensitive keys (root CA signing keys and code-signing keys, especially) is a default, not an exception. The cost of an HSM is small relative to the cost of a stolen signing key.

They build crypto-agility into their architecture. Crypto-agility is the ability to swap one algorithm for another without rewriting the application. It means abstraction layers, configurable cipher suites, and modular cryptographic libraries. Teams with crypto-agility migrate to post-quantum in months. Teams without it migrate in years.

They map their environment against frameworks. NIST SP 800-57, NIST SP 800-131A, FIPS 140-3, the CA/Browser Forum baseline requirements. These are not optional reading. They are the spine of any defensible cryptographic program.

They monitor continuously and alert intelligently. A monitoring system that pages someone every time a certificate has 90 days left will be ignored within a week. A system that distinguishes between certificates protected by automation and certificates that need a human, escalates based on the criticality of the protected service, and integrates with existing incident tools is one that actually gets used.
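The alerting rule in the paragraph above, written out as triage logic: certificates owned by automation are left alone while automation is working, manual ones escalate by the criticality of the protected service, and only the cases that need a human reach a person. This is an added example, not CertSecure Manager’s alerting engine; the thresholds, the severity levels and the sample inventory are assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date


@dataclass
class CertRecord:
    subject: str
    not_after: date
    automated: bool           # an ACME/API renewal pipeline owns this certificate
    last_auto_renew_ok: bool  # outcome of the pipeline's last run (ignored for manual certs)
    criticality: str          # service tier: "critical" | "high" | "low"


# Days before expiry at which a manually renewed certificate needs a human (assumed).
MANUAL_THRESHOLDS = {"critical": 30, "high": 14, "low": 7}
# Automated certificates are surfaced only if the pipeline failed or they are this close anyway.
AUTOMATION_GRACE_DAYS = 7
SEVERITY_RANK = {"page": 0, "ticket": 1, "none": 2}


def triage(rec: CertRecord, today: date) -> tuple[str, str]:
    """Return (severity, reason) with severity in {"none", "ticket", "page"}."""
    days_left = (rec.not_after - today).days
    if days_left < 0:
        return "page", f"{rec.subject} expired {-days_left} days ago"
    if rec.automated:
        if rec.last_auto_renew_ok and days_left > AUTOMATION_GRACE_DAYS:
            return "none", "owned by automation, last renewal succeeded"
        severity = "page" if rec.criticality == "critical" else "ticket"
        why = "automated renewal failed" if not rec.last_auto_renew_ok else "automation has not renewed in time"
        return severity, f"{why}, {days_left} days left"
    threshold = MANUAL_THRESHOLDS[rec.criticality]
    if days_left > threshold:
        return "none", f"{days_left} days left, threshold {threshold}"
    # Critical services page once half the threshold is gone; everything else opens a ticket.
    severity = "page" if rec.criticality == "critical" and days_left <= threshold // 2 else "ticket"
    return severity, f"manual renewal needed, {days_left} days left"


def digest(records: list[CertRecord], today: date) -> list[tuple[str, str, str]]:
    """Only the items that need a human, pages first, soonest expiry first within a severity."""
    items = []
    for rec in records:
        severity, reason = triage(rec, today)
        if severity != "none":
            items.append((severity, rec.subject, reason, (rec.not_after - today).days))
    items.sort(key=lambda t: (SEVERITY_RANK[t[0]], t[3]))
    return [(severity, subject, reason) for severity, subject, reason, _ in items]


# Constructed sample inventory and evaluation date.
TODAY = date(2026, 6, 1)
SAMPLE_RECORDS = [
    CertRecord("www.shop.example.test", date(2026, 8, 15), automated=True, last_auto_renew_ok=True, criticality="critical"),
    CertRecord("pay.shop.example.test", date(2026, 6, 20), automated=True, last_auto_renew_ok=False, criticality="critical"),
    CertRecord("legacy-erp.internal.example.test", date(2026, 6, 25), automated=False, last_auto_renew_ok=False, criticality="critical"),
    CertRecord("wiki.internal.example.test", date(2026, 6, 4), automated=False, last_auto_renew_ok=False, criticality="low"),
    CertRecord("old-vpn.example.test", date(2026, 5, 30), automated=False, last_auto_renew_ok=False, criticality="high"),
]

if __name__ == "__main__":
    for severity, subject, reason in digest(SAMPLE_RECORDS, TODAY):
        print(f"{severity:6s} {subject:36s} {reason}")
```

The first record is the one a naive "90 days left" monitor would have paged on; here it produces nothing, because the pipeline that owns it reported success. The signal that does page is the automated certificate whose last run failed, which is exactly the case a human has to look at.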

They plan post-quantum migration now. Even if the team is not ready to start migrating yet, they are ready to know what they have and how big the job will be.

Where CertSecure Manager Fits

CertSecure Manager is Encryption Consulting’s certificate lifecycle management platform, and it is built around the messy reality that almost no enterprise PKI is greenfield. The typical environment has Microsoft ADCS for internal certs, public CAs like DigiCert or Sectigo for externally trusted ones, AWS Private CA for cloud workloads, a half-dozen internal issuers for legacy systems, and a long tail of self-signed certs that nobody fully owns.

CertSecure Manager pulls all of that into a unified inventory through network scanning, agent-based and agentless collection, cloud integrations, and certificate transparency log monitoring. It handles the awkward edge cases (multi-SAN certificates, wildcards, certificates with non-standard extensions, certs from CAs that no longer exist) that trip up generic asset management tools.

On the lifecycle side, it automates issuance, renewal, deployment, and revocation through ACME, REST APIs, and direct integrations with load balancers, web servers, Kubernetes ingresses, and mobile device management. Workflow approvals are configurable by certificate type, environment, and business unit, so production certificates get sign-off while developer-environment certificates flow through automatically.

Policy enforcement is the feature most customers tell us has the largest day-one impact. You define your standards (minimum key length, allowed algorithms, maximum validity period, approved issuers, approved key usages) and the system rejects requests that fall outside those rules. That single capability eliminates the entire category of “we found out about it during the audit” findings.
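Policy enforcement at issuance, as described here and under "They enforce policy at issuance, not after" above, reduced to its core: a rule set covering key length, allowed algorithms, maximum validity, approved issuers and approved key usages, plus the naming rule mentioned earlier, evaluated against a request before anything is signed. This is an added example, not CertSecure Manager’s policy engine; the request model, the policy values and both sample requests are assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    allowed_key_types: dict[str, int]     # key type -> minimum size in bits
    allowed_hashes: frozenset[str]
    max_validity_days: int
    approved_issuers: frozenset[str]
    approved_key_usages: frozenset[str]
    owned_domains: tuple[str, ...]        # names must sit under one of these
    allow_wildcards: bool = False


@dataclass
class CertRequest:
    requester: str
    common_name: str
    sans: list[str]
    key_type: str
    key_bits: int
    signature_hash: str
    validity_days: int
    issuer: str
    key_usages: list[str]


def in_owned_domain(name: str, owned: tuple[str, ...]) -> bool:
    bare = name[2:] if name.startswith("*.") else name
    return any(bare == d or bare.endswith("." + d) for d in owned)


def evaluate(req: CertRequest, policy: Policy) -> list[str]:
    """Return every policy violation; an empty list means the request may proceed to issuance."""
    violations = []
    min_bits = policy.allowed_key_types.get(req.key_type)
    if min_bits is None:
        violations.append(f"key type {req.key_type} not allowed")
    elif req.key_bits < min_bits:
        violations.append(f"{req.key_type}-{req.key_bits} below minimum {min_bits} bits")
    if req.signature_hash not in policy.allowed_hashes:
        violations.append(f"signature hash {req.signature_hash} not allowed")
    if req.validity_days > policy.max_validity_days:
        violations.append(f"validity {req.validity_days} days exceeds maximum {policy.max_validity_days}")
    if req.issuer not in policy.approved_issuers:
        violations.append(f"issuer {req.issuer!r} not approved")
    for usage in req.key_usages:
        if usage not in policy.approved_key_usages:
            violations.append(f"key usage {usage} not approved")
    # Evaluate each distinct name once (CN is normally repeated in the SAN list).
    for name in dict.fromkeys([req.common_name, *req.sans]):
        if name.startswith("*.") and not policy.allow_wildcards:
            violations.append(f"wildcard name {name} not allowed")
        if not in_owned_domain(name, policy.owned_domains):
            violations.append(f"name {name} is outside the organization's domains")
    return violations


# Constructed policy and requests.
CORP_POLICY = Policy(
    allowed_key_types={"RSA": 3072, "EC": 256},
    allowed_hashes=frozenset({"SHA-256", "SHA-384"}),
    max_validity_days=200,
    approved_issuers=frozenset({"Corp Issuing CA 2", "Public CA (ACME)"}),
    approved_key_usages=frozenset({"digitalSignature", "keyEncipherment", "serverAuth", "clientAuth"}),
    owned_domains=("example.test", "corp.example.test"),
)
GOOD_REQUEST = CertRequest("svc-api", "api.example.test", ["api.example.test"], "RSA", 3072,
                           "SHA-256", 90, "Corp Issuing CA 2", ["digitalSignature", "serverAuth"])
BAD_REQUEST = CertRequest("dev-jdoe", "*.example.test", ["*.example.test", "partner-portal.othercorp.test"],
                          "RSA", 2048, "SHA-1", 398, "Dev Self-Signed", ["digitalSignature", "codeSigning"])

if __name__ == "__main__":
    print("good request:", evaluate(GOOD_REQUEST, CORP_POLICY) or "accepted")
    for v in evaluate(BAD_REQUEST, CORP_POLICY):
        print("bad request:", v)
```

The second request is the Friday-afternoon certificate from earlier in the piece: a developer-chosen issuer, a wildcard, a name the organization does not own, a year of validity and a deprecated hash. Rejecting it at this point is what keeps it out of the inventory, the audit and the 3 AM call.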

The reporting layer produces compliance evidence aligned to PCI DSS, HIPAA, FedRAMP, and the other frameworks auditors care about, with the kind of audit trail you can hand over without flinching. Dashboards work for both the security executive who wants posture at a glance and the engineer who needs to drill into a specific incident.

In one sentence: CertSecure Manager is how you keep thousands of certificates healthy, compliant, and current without scaling your team in lockstep with your certificate count.

Where CBOM Secure Fits

CertSecure Manager handles certificates and keys as operational assets. CBOM Secure zooms out one level higher. It is Encryption Consulting’s Cryptography Bill of Materials platform, and its job is to give you visibility into every cryptographic component across your environment, certificates included but not limited to.

A CBOM is to cryptography what an SBOM is to software dependencies. It catalogs every algorithm in use, every key (with its length, type, and protection method), every cryptographic library and version, every protocol implementation, and every certificate. It stitches all of that together into a single picture you can query.

It unlocks three things that nothing else does.

Post-quantum readiness. The migration to ML-KEM, ML-DSA, and SLH-DSA requires identifying every system, library, and protocol still using vulnerable classical cryptography. CBOM Secure’s inventory lets you scope the migration accurately, sequence it intelligently with high-value long-lived data first, and track real progress against the deadline. Without a CBOM, the migration becomes guesswork.

Targeted vulnerability response. When a cryptographic library or protocol implementation is hit with a CVE, a CBOM tells you within minutes which systems are actually affected. That changes incident response from a frantic organization-wide sweep to a precise patch list.

Supply chain transparency. Regulators and large enterprise customers are increasingly explicit about cryptographic transparency. The expectation that vendors provide CBOMs the way they provide SBOMs is moving from “future requirement” to “current ask.” Teams that have a CBOM are ahead. Teams that do not are scrambling.

CBOM Secure also includes risk scoring (so you know which deprecated algorithms are most urgent to retire), a quantum-readiness assessment that maps your inventory against NIST’s PQC standards, and CI/CD pipeline integrations that catch cryptographic drift at build time rather than after deployment.
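A CBOM as a queryable structure, with the lookups this section describes: every system on a given algorithm, every system running an affected library version (the targeted vulnerability response case), and every key below a minimum size with its protection method. This is an added example, not CBOM Secure’s data model or scanner; the record layout, the version-comparison helper and the four sample systems are constructed, and the CVE identifier is a placeholder.

```python
from __future__ import annotations
import re

# Constructed CBOM: one record per (system, cryptographic component). Not CBOM Secure's schema.
CBOM = [
    {"system": "payments-api", "library": "openssl", "version": "3.0.2",
     "algorithms": ["RSA-2048", "AES-256-GCM", "SHA-256"], "protocols": ["TLS1.3"],
     "keys": [{"algorithm": "RSA", "bits": 2048, "protection": "hsm"}]},
    {"system": "legacy-erp", "library": "openssl", "version": "1.0.2u",
     "algorithms": ["RSA-1024", "SHA-1", "3DES"], "protocols": ["TLS1.0"],
     "keys": [{"algorithm": "RSA", "bits": 1024, "protection": "software"}]},
    {"system": "mobile-backend", "library": "bouncycastle", "version": "1.70",
     "algorithms": ["ECDSA-P256", "SHA-256"], "protocols": ["TLS1.2"],
     "keys": [{"algorithm": "EC", "bits": 256, "protection": "software"}]},
    {"system": "data-lake", "library": "openssl", "version": "3.0.9",
     "algorithms": ["AES-256-GCM", "SHA-256"], "protocols": ["TLS1.3"],
     "keys": [{"algorithm": "AES", "bits": 256, "protection": "cloud-kms"}]},
]

_PART = re.compile(r"(\d+)([a-z]*)")


def parse_version(version: str) -> tuple[tuple[int, str], ...]:
    """Turn '1.0.2u' into ((1, ''), (0, ''), (2, 'u')) so versions compare as tuples,
    including OpenSSL-style letter suffixes."""
    parts = []
    for piece in version.split("."):
        match = _PART.fullmatch(piece)
        if not match:
            raise ValueError(f"unparseable version component: {piece!r}")
        parts.append((int(match.group(1)), match.group(2)))
    return tuple(parts)


def systems_using_algorithm(cbom: list[dict], algorithm: str) -> list[str]:
    """Every system with the algorithm anywhere in its inventory (e.g. 'SHA-1')."""
    return sorted({r["system"] for r in cbom if algorithm in r["algorithms"]})


def affected_systems(cbom: list[dict], library: str, first_affected: str, fixed_in: str) -> list[str]:
    """Systems running `library` at a version in [first_affected, fixed_in)."""
    lo, hi = parse_version(first_affected), parse_version(fixed_in)
    return sorted(r["system"] for r in cbom
                  if r["library"] == library and lo <= parse_version(r["version"]) < hi)


def weak_keys(cbom: list[dict], algorithm: str, min_bits: int) -> list[tuple[str, int, str]]:
    """(system, bits, protection) for every key of `algorithm` below `min_bits`."""
    found = []
    for r in cbom:
        for key in r["keys"]:
            if key["algorithm"] == algorithm and key["bits"] < min_bits:
                found.append((r["system"], key["bits"], key["protection"]))
    return sorted(found)


if __name__ == "__main__":
    print("still on SHA-1:", systems_using_algorithm(CBOM, "SHA-1"))
    # Placeholder advisory: openssl versions 3.0.0 up to (not including) 3.0.8 affected.
    print("affected by CVE-PLACEHOLDER:", affected_systems(CBOM, "openssl", "3.0.0", "3.0.8"))
    print("RSA keys under 3072 bits:", weak_keys(CBOM, "RSA", 3072))
```

The second query is the one that turns an advisory into a patch list: two of the three OpenSSL systems are outside the affected range, so only one gets the emergency change. The third query pairs key size with protection method, which is what separates "rotate this key on schedule" (2048-bit, in an HSM) from "rotate this key now" (1024-bit, in software).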

How Encryption Consulting Can Help

Tools solve the technical problem. They do not solve the organizational one. Most teams that struggle with cryptographic posture do not struggle because they cannot evaluate a product. They struggle because they do not have the bandwidth to run a clean discovery, build the inventory, write the policies, train the team, and operate the program day to day while also doing their actual jobs.

Encryption Consulting was founded specifically to close that gap, and the services arm has been doing this work for more than a decade across financial services, healthcare, manufacturing, government, and technology customers. The engagements that move the needle tend to fall into a few clear shapes.

A cryptographic posture assessment is usually the right first step. It is a focused engagement that produces a real inventory, a gap analysis against NIST and CA/Browser Forum requirements, a quantum-readiness assessment, and a prioritized roadmap. Most customers learn things in the first two weeks of an assessment that change how they plan the next two years.

A PKI-as-a-Service engagement takes the operational load off the customer entirely. Encryption Consulting’s team designs, builds, and runs the PKI, including the underlying CertSecure Manager deployment, the HSM integration, the policy framework, and the day-to-day monitoring and renewal operations. For organizations that do not want to run a PKI team, this is the cleanest path to a mature program.

Post-quantum migration advisory has become one of the fastest-growing service areas in the last eighteen months. The work covers cryptographic discovery via CBOM Secure, risk-based prioritization of which systems migrate first, hybrid algorithm strategy, vendor and product compatibility analysis, and migration program management. For most enterprises, this is a multi-year program and the early discovery and planning phase is where the leverage is.

Code signing program design, HSM deployment and lifecycle management, enterprise encryption strategy, and compliance readiness engagements for PCI, HIPAA, FedRAMP, and similar frameworks round out the practice.

What customers tell us they value most is not the tools. It is the combination of senior PKI and cryptography expertise, the products that codify what good looks like, and the operational support to run the program once it is built. The tools alone get you maybe halfway. The combination gets you the rest of the way.

Conclusion

Cryptographic posture is one of those problems where the cost of doing nothing is hidden right up until the moment it is not. Then it is an outage, an audit finding, a breach, or a missed deadline that someone has to explain to the board.

The teams that come out of the next five years in good shape will not be the ones with the biggest budgets. They will be the ones that decided, in the first quarter where they had a clear view of the post-quantum timeline and the certificate-lifespan trajectory, that they were going to take this seriously. They built the inventory. They automated the lifecycle. They enforced policy at issuance. They made cryptographic posture a measurable thing instead of an aspirational one.

The combination of CertSecure Manager, CBOM Secure, and Encryption Consulting’s services is built for exactly that trajectory. You can start with the most painful operational problem you have today and grow into the strategic capability without throwing out the work you did at the beginning. The earlier the start, the smaller the lift.

If you want a concrete next step, the cryptographic posture assessment is the cheapest way to find out where the bodies are buried. The answers usually surprise people in both directions, and they almost always change the conversation about where to invest next.