• @solrize
    link
    English
    312 months ago

    Lame. 45 days? 10 days for DCV? How common are exploits involving old certificates anyway? And automated cert management is just another exploit target. Do they seriously think an attacker who pwns a server can’t keep the automatic renewals running?

    • @[email protected]
      link
      fedilink
      English
      322 months ago

      The solution, according to Sectigo’s Chief Compliance Officer Tim Callan, is to automate certificate management — unsurprising considering the firm sells software that does just this.