Online X.509 Certificate Rotation

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Won't Fix
    • Priority: Major - P3
    • None
    • Component/s: None
    • None

      Epic Summary

      Summary

      Allow servers to begin advertising a new X.509 certificate for subsequent TLS sessions without needing to reboot.

      Motivation

      X.509 certificates must be periodically rotated. Because industry best practices are moving toward short certificate lifetimes, it is not always feasible to schedule rotation to coincide with planned maintenance.

      Documentation

      Scope Document
      Technical Design Document

            Assignee:
            Unassigned
            Reporter:
            Rathi Gnanasekaran (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: