Monthly Archives: November 2018

Certificate Management Best Practices Summary

For more details, please refer to our certificate management document.

Best practices list:

* Restrict certificate validity to short periods of time
* Automate certificate renewal/refresh
* Implement certificate validation/revocation mechanism (OSCP)
* Do not use self-signed certs
* Do not use wildcard certs
* Establish and maintain a complete certificate inventory — you must know where each certificate is deployed, its expiration, etc.
* Run frequent endpoint/port scans to detect self-signed and other out-of-policy certificates.

Read the rest of this post »