Let's Encrypt

Keep systems running with certificate auto renewal

Description: The cause of this outage is a certificate which has expired.

We’ve all seen this type of message before. The good news is that this issue, and its corresponding message to campus, can be avoided. In fact, nearly all outages due to expired certificates are preventable. One solution is to set up certificate auto renewal.

System Administrators who manage SSL/TLS certificates for various systems on campus are encouraged to use Let’s Encrypt to automate certificate renewals. This service helps renew SSL/TLS certificates so time can be better spent performing other important duties.

Many server administrators have moved away from using the Incommon/Sectigo SSL server certificate offering and replaced it with ‘Let’s Encrypt.’ This service provides free, automated, open and trusted security certificate authority (CA) in order for server administrators and website owners to obtain trusted security certificates within minutes. It also automatically renews certificates over time without the manual intervention for renewal.

In the cloud, there are options to do certificate automation as well, such as AWS ACM , Azure Key Vault, or Google Managed SSL Certificates.

Not all systems can easily take advantage of automated certificate renewal, such as network appliances, or closed systems, but it is worth the effort to investigate improving your certificate renewals.

Join colleagues across campus by making system administration work more efficient.

Access this SSL/TLS Certificates KnowledgeBase article to find additional information on certificate management best practices.