
RavenDB auto certificate renewal: The feature you hopefully never know we have - GordonS
https://ayende.com/blog/186561-C/automatic-certificate-updates-in-ravendb-the-feature-you-hopefully-never-know-we-have
======
GordonS
I'm wondering about the security of using the same key pair - isn't the point
of frequent renewal to limit the timeframe of the damage if your private key
is compromised?

OTOH, if we think about SSH keys, they are generally _not_ short lived like
with certificates - yet that seems to be an accepted thing (at least, I've
never known anyone to change /roll SSH keys).

