• @[email protected]
    link
    fedilink
    English
    311 month ago

    Lame. 45 days? 10 days for DCV? How common are exploits involving old certificates anyway? And automated cert management is just another exploit target. Do they seriously think an attacker who pwns a server can’t keep the automatic renewals running?

    • @[email protected]
      link
      fedilink
      English
      321 month ago

      The solution, according to Sectigo’s Chief Compliance Officer Tim Callan, is to automate certificate management — unsurprising considering the firm sells software that does just this.