What are the five stages of the certificate lifecycle?
The TLS/SSL certificate lifecycle is broken down into five stages and some steps can occur throughout the certificate lifecycle once a certificate is issued (i.e. automation & discovery).
The primary five stages of certificate lifecycle management include:
- Issuance & Installation – After completing the certificate validation process by a trusted Certificate Authority, your SSL certificate is then issued. Once issued, you must install the certificate for your domain or server.
- Discovery – Our discovery tools are crucial for tracking and monitoring all the certificates issued for your domains or servers and keeping a pulse on certificates that are close to expiring and need to be renewed.
- Remediation – If there is an issue or vulnerability with a certificate, you may need to revoke the certificate and reissue it. DigiCert® CertCentral® provides the tools to instantly revoke a certificate and reissue it.
- Renewal – Under official CA/B Forum rules, all public-facing TLS certificates must now be renewed on an annual basis, or approximately every 13 months. However, some organizations prefer to replace certificates under even shorter timelines.
- Automation – The entire process of managing TLS certificates can be automated from hosted, agent-based or sensor-based tools including ACME URL or DigiCert Automation Manager.