0

Since the recent surfacing of the Heartbleed exploit, I have become curious as to how long OpenSSL certificates are usually kept before they are regenerated. Is it days, weeks, months, years? I can't seem to find a definitive answer. I realize that it depends on what the certificate is being used for, so let's say HTTPS transactions between websites.

ddaa

1 Answer

4

If they are commercially signed, they're usually kept until they expire, and that depends on how long you pay for when you get them. It's usually an integer number of years, though.

If they're self-signed, many Makefiles default to 365 days, but this can be trivially overridden.

MadHatter
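The lifetime of a self-signed certificate can be set at generation time and read back afterwards with the `openssl` command line. The script below is an added example, not part of the original answer; the function names and the `CN=example.test` subject are constructed for illustration.

```shell
#!/bin/sh
# Added example: helper names and the CN=example.test subject are constructed.

# make_selfsigned DAYS PREFIX
# Creates a throwaway RSA key (PREFIX.key) and a self-signed certificate
# (PREFIX.crt) whose validity period is DAYS days, overriding any default.
make_selfsigned() {
    days=$1
    prefix=$2
    openssl req -x509 -newkey rsa:2048 -nodes \
        -days "$days" -subj "/CN=example.test" \
        -keyout "$prefix.key" -out "$prefix.crt" 2>/dev/null
}

# show_validity CERT
# Prints the notBefore / notAfter timestamps stored in the certificate.
show_validity() {
    openssl x509 -in "$1" -noout -dates
}

# expires_within CERT DAYS
# Returns 0 if CERT expires within the next DAYS days, 1 otherwise.
# "openssl x509 -checkend N" exits non-zero when the certificate expires
# within N seconds, so its status is inverted here.
expires_within() {
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Demonstration: a 30-day certificate in a temporary directory.
tmp=$(mktemp -d)
if make_selfsigned 30 "$tmp/demo"; then
    show_validity "$tmp/demo.crt"
    if expires_within "$tmp/demo.crt" 45; then
        echo "demo.crt expires within 45 days: schedule regeneration"
    fi
fi
rm -rf "$tmp"
```

`show_validity` and `expires_within` work on any PEM certificate, so the same check can be pointed at a commercially signed certificate to see how long it was issued for.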