Automate TLS certificate renewal

2/24/25

Request for Feature Enhancement (RFE) Summary: Automate TLS certificate renewal
Use-case:

Imagine you have 20+ different websites running on your AEMaaCS instance, each one with its own domain name, and therefore its associated TLS certificates. Further imagine that there are dev, staging and prod environments, both for preview and publish. Finally, the certificates may not be wildcard certs (*.example.org) but certs for specific subdomains (preview.example.org, preview-st.example.org, ...).

 

So you have easily 50+ certificates to renew, and they will not renew at the same time, but across the whole year. Having to manually renew each certificate is error-prone and time-consuming. Also, in order to do this job, the person needs to have elevated administrative rights, but the job itself does not have a lot of added value.

 

It would therefore be appreciated if the renewal of the TLS certificates could be automated. In a different environment in the past I was using the certbot tool, which integrated well with the letsencrypt.org initiative, to freely renew certificates every three months. The short duration and the automation ensured the sites remained secure all the time. But this is just an example; other tools and infrastructure probably exist.

Current/Experienced Behavior: An administrator needs to manually renew each and every certificate. No added value for a specialist role. There is a chance of forgetting or of not having the certificate ready, leading to browser warnings about an unsecured site, site visitors being worried and potential loss of reputation.
Improved/Expected Behavior: Automate the manual process (see use case description).
Environment Details (AEM version/service pack, any other specifics if applicable): AEMaaCS
Customer-name/Organization name: OECD
Screenshot (if applicable):  
Code package (if applicable):