Automatic SSL Certificate Renewal
Keeping our systems secure with SSL certificates is essential. Certificates need to be renewed and there is a service commitment to handle this process. But there is a better way. SSL providers can be setup to automatically renew and deliver an updated SSL certificate to our systems when their expiration time approaches.
This idea is for Innovative to support software-only site with setting up an automatic SSL renewal process thereby keeping our systems safe from expiring certificates and making the process worry-free.
Gerald Rezes
shared this idea
The product team will review this idea for consideration for a future release.
-
MEEP candidate for the Sierra 6.6 release
Functional Requirements (what does it need to do?)
● Integration between Sierra and automatic certificate renewal infrastructure established by local sysadmins (for short-term, renewable certificates like LetsEncrypt, DigiCert, etc.), is introduced as:
o A staging location in Sierra where a new or just-renewed SSL certificate may be placed by an external process for subsequent installation and activation
o An API which installs and activates the new or just-renewed SSL certificate in Sierra's production locations, restarting services as necessary, providing confirmation in API response
o An option for Sierra to automatically install and activate certificates as they appear in the staging location, and provide the confirmation result in a user-viewable log, as an alternative to the API call
o Both the API call and the auto-install method support rollback to the previous installed certificate
o Authorized users may review logs of certificate installation activity including public certificate details -
Ray Voelker
commented
The title of this says all you really need to know about why it'll soon be essential to automate the certificate renewal process ...
"SSL/TLS certificate lifespans reduced to 47 days by 2029"
https://www.bleepingcomputer.com/news/security/ssl-tls-certificate-lifespans-reduced-to-47-days-by-2029/