I'm looking to check if anyone else has experienced issues with certificate renewals tied to ex-employees. We had a situation where our renewal failed because it was linked to an account of someone who had left the company, and it was a real mess to resolve it under pressure. I'm not talking about public TLS certificates that auto-renew but rather specific vendor or signing certificates, like those from Apple, which we only handle once a year. Has anyone else faced similar problems, or was this just a stroke of bad luck on our part?
4 Answers
This happened to us at a small hospital. When an employee left, we ended up facing downtime on a Sunday to sort out their certificates. Not fun at all!
Yeah, I've definitely seen this before—especially with subscription renewals. When I start at a new place, checking for ties to previous employees is one of the first things I do. It's a common oversight that can lead to a lot of headaches!
I once had to rebuild our PKI from scratch when a key employee left without passing on important information. These days, it's a disaster waiting to happen if an expired cert goes unnoticed—especially with central IT getting nervous about expiration. It's like arguing with people who think everything expired is a major crisis!
Oh, for sure! I had to add an ex-colleague's email as a secondary contact to reset the password for an account renewal. It was a hassle but we managed to sort it out in the end.
I totally agree! When the portal to renew the cert is behind an expired cert, it turns into a nightmare trying to convince IT to let you access it. Super frustrating!