Mostly 90 days, and we recommend renewing at 60 days for 90 day certs. That gives more than four wee...

jaas • today at 5:43 AM • 2 replies • view on HN

Mostly 90 days, and we recommend renewing at 60 days for 90 day certs. That gives more than four weeks of leeway.

If you're one of the few early adopters of short-lived (6-day) certs you should renew at 3 days, giving you 3 days for a successful renewal. A 90 minute outage, even if it was a full outage, would not interfere with a successful renewal.

Replies

selcuka • today at 7:14 AM

> If you're one of the few early adopters of short-lived (6-day) certs you should renew at 3 days

Apparently certificates are becoming OCSP-only with a TTL.

nottorp • today at 7:09 AM

How's the push for 48 hour certificates going?

alt Hacker News

Replies