Automated certificate renewal
Table of Contents
Expand all | Collapse all
-
- Activate Next-Generation Trust Security
-
-
- Configure AWS connection
- Configure Azure Key Vault connection
-
- Workload Identity Federation authentication
- Workload Identity Federation - Azure Identity Provider authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Workload Identity Federation authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Supported OIDC claims
-
-
-
-
- Create an F5 BIG-IP LTM machine
- Create a Microsoft Azure Private Key Vault machine
- Create a Microsoft IIS machine
- Create a Microsoft Windows (PowerShell) machine
- Create a Microsoft SQL Server machine
- Create a Common KeyStore machine
- Create a Citrix ADC machine
- Create an Imperva WAF machine
- Create a VMware NSX Advanced Load Balancer (AVI) machine
- Create an A10 Thunder ADC machine
- Create a Cloudflare machine
- Create Kemp Virtual LoadMaster machine
- Create a Palo Alto Panorama machine
-
- Provision to an F5 BIG-IP LTM
- Provision to a Microsoft Azure Private Key Vault
- Provision to Microsoft IIS
- Provision to Microsoft Windows (PowerShell)
- Provision to Microsoft SQL Server
- Provision to a Common KeyStore
- Provision to a Citrix ADC
- Provision to an Imperva WAF
- Provision to VMware NSX Advanced Load Balancer (AVI)
- Provision to an A10 Thunder ADC
- Provision to Cloudflare
- Provision to a Kemp Virtual LoadMaster
- Provision to Palo Alto Panorama
-
-
- 47-Day Validity Readiness TLS Certificates dashboard
- About the Certificate Inventory
- Managing certificate lifecycle settings
- Reissuing certificates in Next-Gen Trust Security
- Downloading certificates, certificate chains, and keystores
- Retiring, recovering, and deleting certificates
- Finding certificates in the certificate inventory
- Importing certificates from a CA using EJBCA
- Notification Center overview
- Domain-based validation for external emails
- Managing user accounts
- Troubleshooting
Automated certificate renewal
Automated certificate renewal reduces the need for manual certificate updates and helps prevent service interruptions caused by expired certificates. When enabled, certificates are renewed automatically within a defined renewal window.
Features and benefits
- Enable or disable automated renewal at the application level
- Configure a global renewal window, with the option to override it per application
- Renew certificates within the specified window to reduce outage risk
- Support renewal of certificates managed within Next-Gen Trust Security
Audience and use cases
Automated certificate renewal is intended for administrators responsible for maintaining certificate availability across applications.
Common use cases include:
- Renewing certificates before expiration without manual intervention
- Reducing operational overhead when managing large certificate inventories
- Maintaining consistent certificate lifecycle behavior across applications
Note: If certificates are renewed using tools or workflows outside of Next-Gen Trust Security, automated renewal behavior may not be coordinated and could result in unexpected outcomes.
Next steps
Learn how to configure automated renewal settings for applications and review renewal behavior.
Related links
- How to configure automated renewal settings
- How to change the global renewal window
- How to review renewal activity