The CA/Browser Forum has officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.