We found a valid DigiCert certificate on a domain we just purchased, issued to someone we've never met. Getting it revoked took 6 emails. 72 hours after confirmed revocation, every browser still trusts it.

https://www.certkit.io/blog/bygonessl-happened-to-us

#InfoSec #CertificateManagement

You can automate issuance and still ship outages.

Certificate lifecycle is a loop:

issue → deploy → verify.

Most teams stop at “renewal succeeded” and skip the only part users care about, what the endpoint is actually serving.

https://www.certkit.io/blog/issuance-automation-vs-certificate-automation
#ACME #CertificateManagement

Let's Encrypt is moving to 45-day certificates by February 2028, a year before the industry mandate. Everyone focuses on the certificate lifetime, but the real disruption is authorization reuse dropping from 30 days to 7 hours.

That means nearly every cert request requires fresh validation. Batch operations across a day? Broken. Hardcoded 60-day renewal intervals? Expired certificates.

https://www.certkit.io/blog/45-day-certificates

#PKI #CertificateManagement

One API key with access to everything is fine until a contractor leaves or a key leaks.

CertKit now supports multiple applications with scoped API keys. Split your certificates by product, environment, or team. Your marketing site automation never sees production infrastructure. If a key gets compromised, revoke it without affecting everything else.

All users can create up to 6 applications today.

https://www.certkit.io/blog/application-management

#PKI #CertificateManagement

We published the CertKit roadmap and it's interactive. Every feature has a vote button. Tell us what to build next instead of us guessing.

Current focus: Host Agent for certificate distribution. On deck: SSO, user roles, alerting. Further out: Private CA support and a CT Log API (maybe).

Feature not listed? Tell us. We've shipped things based on a single request before.

https://www.certkit.io/blog/what-should-we-build-next

#CertificateManagement #PKI

Decreasing Certificate Lifetimes to 45 Days

https://letsencrypt.org/2025/12/02/from-90-to-45.html

#HackerNews #DecreasingCertificateLifetimes #CertificateManagement #Cybersecurity #LetsEncrypt #TechNews

https://www.youtube.com/watch?v=fXx29Ml99xM

SecPoint Protector V65 UTM Firewall – Easily Create Self-Signed Site Certificates

The SecPoint Protector V65 UTM Firewall now makes it effortless to create secure, self-signed site certificates directly from its intuitive interface.

✅ Easy, Fast Certificate Creation
✅ Instant SSL/TLS Security
✅ Ideal for IT teams and MSPs

#CyberSecurity #SecPoint #Protector #UTM #CertificateManagement #NetworkSecurity #SSL #TLS #ITsecurity #CyberDefense

📢 hot off #KubeCon: cert-manager has been approved for CNCF graduation! 🎉
86% of new #kubernetes production clusters are deployed with cert-manager as standard practice!
Congrats to Jetstack (now Venafi, CyberArk) and all the maintainers and contributors 👏

Read the Cloud Native Computing Foundation ( #cncf ) announcement for more details:
https://www.cncf.io/announcements/2024/11/12/cloud-native-computing-foundation-announces-cert-manager-graduation/

#cloudnative #security #certificateManagement #kubeconna

How to configure Let's Encrypt email notification on error - nixCraft

Let us see how to configure the Let’s Encrypt email notification when a TLS/SSL cert is skipped, renewed, or an error is created by “acme.sh” client so developers or sysadmin can investigate the matter further.

https://www.cyberciti.biz/faq/how-to-configure-the-lets-encrypt-email-notification-when-a-cert-is-skipped-renewed-or-error/

#letsencrypt #certs #certificatemanagement #acme