The CA/Browser Forum has officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.
Im aware. And I haven’t had to deal with certs in a long time. When I had to purchase them, it was typically thru godaddy. Looks like my former employer is going to have fun time.
Free certificates have existed for a long time now from providers like Let’s Encrypt and ZeroSSL.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.
Im aware. And I haven’t had to deal with certs in a long time. When I had to purchase them, it was typically thru godaddy. Looks like my former employer is going to have fun time.