TLS certificates | Feb. 09, 2026
Twilio REST API certificates moving to AWS Certificate Manager (ACM) starting January 26, 2027
We're transitioning TLS certificate management for Twilio's classic HTTP REST APIs from manually managed DigiCert certificates to AWS Certificate Manager (ACM). This change prepares Twilio for industry-wide changes that will reduce maximum certificate lifespans to 47 days by 2029.
Shorter certificate lifespans significantly improve security by reducing the window of time a compromised certificate can be exploited. Automated certificate management also eliminates the risk of human error in manual renewals. This is an industry-wide shift led by certificate authorities and browser vendors to strengthen internet security.
Most customers don't need to take any action. If customer applications rely on their operating system's default trust store, everything will continue working seamlessly.
How to prepare for AWS Certificate Manager
If customers pin specific Twilio certificates, they should remove leaf certificate pins from their configuration. With ACM's automated rotation, pinned certificates will become outdated without advance notice.