Esc
Certificate Rotation
Definition
Certificate rotation involves replacing digital certificates and their private keys to maintain cryptographic integrity and trust, mitigating key compromise risks and ensuring continuous secure communications.
How it works
Certificate rotation should be performed when:
- Any certificate expires.
- A new CA authority is substituted for the old, thus requiring a replacement root certificate.
- New or modified constraints need to be imposed on one or more certificates.
- A security breach has occurred.
Considerations:
- Managing certificate rotation across an enterprise can be complex. Automated solutions, sold by multiple vendors, should be considered to manage this complexity.
loading...
loading...
References
All
Internet Article
The following references were used to develop the Certificate Rotation knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)
Password and Key Rotation
Reference Type: Internet Article Organization: SSH
D3FEND™
A knowledge graph of cybersecurity countermeasures