chromium / badssl.com

:lock: Memorable site for testing clients against bad SSL configs.
https://badssl.com
Apache License 2.0

Start using individual keys for all new prod certs #279

Open lgarron opened 7 years ago

lgarron commented 7 years ago

Using a single key is convenient, but multiple keys aren't that hard to handle, and would avoid putting all eggs in one basket. That helps in case a cert needs to be revoked – Google Chrome revokes by SPKI.
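The effect of SPKI-based revocation on shared versus individual keys, as an added example that is not part of the original comment or of the badssl.com code base: the SPKI hash depends only on the key, so every certificate issued from that key matches the same revocation entry. The hostnames are constructed, and the self-signed ECDSA P-256 certificates and the helper names `must`, `issue` and `blastRadius` are assumptions made for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue self-signs a cert for host with key and returns the SHA-256 of its
// SubjectPublicKeyInfo, the value an SPKI-based revocation entry matches.
func issue(host string, key *ecdsa.PrivateKey) [32]byte {
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: host},
		DNSNames: []string{host}, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der := must(x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key))
	return sha256.Sum256(must(x509.ParseCertificate(der)).RawSubjectPublicKeyInfo)
}

// blastRadius issues certs for three constructed hostnames, from one shared key
// or one key each, revokes the first cert's SPKI and counts the certs it hits.
func blastRadius(shared bool) int {
	hosts := []string{"a.example.test", "b.example.test", "c.example.test"}
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	revoked, hit := issue(hosts[0], key), 1
	for _, h := range hosts[1:] {
		if !shared { // individual keys: fresh key pair per certificate
			key = must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
		}
		if issue(h, key) == revoked {
			hit++
		}
	}
	return hit
}

func main() {
	fmt.Printf("shared key: %d/3 revoked; individual keys: %d/3\n", blastRadius(true), blastRadius(false))
}
```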

prefixtitle commented 7 years ago

You really need a piece of software which you can install on the server to monitor the certificates and keys by web app and send you an email or text alerts to tell you when you need to renew the certificate or if there is a problem with the configuration.

lgarron commented 7 years ago

> when you need to renew the certificate

That's a completely orthogonal issue. (Using the same key for every cert makes renewal easier, though.)

prefixtitle commented 7 years ago

Yes, you're right and it's a different issue. I meant using a certificate management platform to monitor your certificates and keys better without a lot of difficulty.