I'm wondering if anyone has successfully created a script to manage certificate changes every 47 days. I don't handle SSL termination at the load balancer anymore, which is nice because it simplifies the process. However, most of my services are SSL pass-through, meaning each backend server has its own public certificate. Managing these certificates manually every 47 days seems really cumbersome and inefficient to me. Has anyone tackled this yet?
3 Answers
There have been quite a few discussions about this topic recently. If you're using ACME for your certificates, the validity period shouldn't make much of a difference—whether it's 397 days or 7 days, you'll manage it the same way. As for your mention of ‘SSL pass-through,’ could you clarify what you mean? Just trying to understand your setup better!
Completely agree! If certs are rotating this frequently, managing them by hand is going to be a nightmare.
Unfortunately, no one has figured out how to script the certificate changes yet. It’s still pretty uncharted territory with no clear guidance on how to go about it.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures