Domain Ownership Change & Certs

Just adding to this revoking success is pretty hit and miss, thats part of the reason the industry is moving to lower duration certs like 90 day certs for LetsEncrypt and most browsers have already or will soon treat as invalid any cert that is issued for more then a year (roughly).

Certs are generally valid for their duration at a technical level, particularly if they are domain validated certs.

EV/Vetted certs where the orgaisation is verified are technically valid for the full duration too but the cert may display the old buisness's name as that was what was on it while it was issued.

You can usually have certs re-issued by the issuer during the validity period too if you need to but the method of doing that is going to depend who you got it from (though you shouldn't need to do that as they will continue to work for their validity period).

/r/sysadmin Thread Parent