crote 2 hours ago

This is exactly why CAs are slowly reducing cert validity.

With a 47-day validity already on the calendar for 2029, nobody in their right mind is going to onboard a new service/device without automated renewal in 2026. Same with any kind of contract renewal: are you going to risk staying with the current vendor who is "considering" supporting ACME "at some point in the future", or would you rather ask their competitor who already supports it to make you a nice deal to convince your manager?

Sure, automated cert renewal might be supported by 10% of services right now, but what is that going to look like a couple of years from now when 100% of businesses are pestering their vendors for it, and leaving for competitors if they can't deliver?

wiether 36 minutes ago | parent [-]

> nobody in their right mind is going to onboard a new service/device without automated renewal in 2026

We're talking about people that didn't bother about an event scheduled in 365 days.

Why would they care about something that may happen in 2029?

No later than last week I had to set up a service using a 365-day cert that was provided to me as a ZIP archive.

The provider has everything in place to set up automated renewal.

But they decided against it because it forces providing us with (scoped) API access to the provider.

Instead they put a reminder in Outlook and forgot about it.

Hopefully in ~50 weeks from now someone will see the reminder, decide to act on it, find someone available with access to the provider to renew the certs and someone available that'll read the doc I had to write explaining how to put new certs in place, someone willing to schedule the operation... all of that before the certs do actually expire.