> I would like to see the metrics on how much time and resources are wasted babysitting all this automation vs. going in and updating a certificate manually once a year and not having to worry the automation will fail in a week.

I have multiple systems. Legacy that I've inherited, and modern that are able to automatically update their certs.

The automated updates require almost zero maintenance, there was a week a couple of years ago when I had to switch some configuration for a new root cert.

The legacy system requires manual installation and multiple weeks of my time every year because of the number of environments, and since generation of the certs requires me to file a request for someone to manually create it, they invariably typo something and it has to be redone everywhere.

So multiple engineers, over multiple weeks?

Manual process at a guess is £50k pa, while the automated is close to an annual £0?