SSL certificate requirements are becoming obnoxious
I am responsible for approving SSL certificates for my company. I’ve developed a process over the past couple of years that works well. My stakeholders understand their roles and responsibilities and put up a minimal amount of fuss as I review and approve each cert. What started out as a quarterly or semi-monthly task has become a monthly-to-weekly task depending on when our certs are expiring. I appreciate the amount of trust put into certificates and understand that they are a critical component of digital security. But this 💩 is getting out of hand. When certificates underpin nearly all digital security, including VPNs, WiFi, Email, Websites, APIs, and more, increasing the administrative burden of managing them will have diminishing returns. And, I think it’s going to push…
