alexjplant 3 hours ago
ACME [1] has been a thing for more than 10 years and has been a stable specification for 7 years. There were similar vendor-specific implementations that preceded it. The DoD has employed none of these solutions for their flagship infosec public web presence. If they were going to automate this then they surely would have done so by now. The reasons why are opaque but people who have experience working in this space might be able to make an educated guess.
[1] https://en.wikipedia.org/wiki/Automatic_Certificate_Manageme...
charcircuit 5 minutes ago
It may be a thing, but it is not mandatory and issues can still happen that cause the automatic renewal to fail. There still exist holes where someone can have a cert for their site expire.