The CA/Browser Forum has officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates.
Im aware. And I haven’t had to deal with certs in a long time. When I had to purchase them, it was typically thru godaddy. Looks like my former employer is going to have fun time.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.
So would I have to buy a new cert every 47 days?
Free certificates have existed for a long time now from providers like Let’s Encrypt and ZeroSSL.
Im aware. And I haven’t had to deal with certs in a long time. When I had to purchase them, it was typically thru godaddy. Looks like my former employer is going to have fun time.
There are still many apps that don’t play nice with automated certificate replacements. I manage a few systems where the entire server needs rebooting, to work properly afterwards. One where a corresponding client-software has to be recompiled and updates distributed simultaneously with the replacement. And one where the certificate and key together needs to be uploaded manually in three different UIs.