Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One SSL certificate on multiple servers

Every certificate renewal automation tool has to answer one architecture question before it does anything else: where does the private key get generated? A reader who used to be “the certificate guy” at his organization emailed me this week to ask about exactly that: It’s the right instinct. It’s also how most automation tools work. Certbot generates the key on the server, builds a certificate signing request, and the private key never leaves the machine.

Automating SonicWall Certificate Deployment with the SonicOS API

How do we keep our Sonicwall certificates up to date as certificate lifetimes get shorter? We’re already at 200 day certs with 100 then 47 day certificates coming soon. A certificate you used to touch once every year now needs replacing up to twelve times a year. Doing this by hand is out of the question, no one has the time. Even if they did, the frequent updates is just asking for mistakes. Luckily, this can be automated using the SonicOS API.