For many years, it was common practice among IT support teams to configure self-signed certificates with long expiration dates. Sometimes, ten years, sometimes even up to 99 years. This was because they were considered something of a nuisance. They were useful to enable encrypted links between machines, but why over-complicate matters by necessitating regular renewals? Well, actually, there was a very good reason to place short renewal dates of one year, or perhaps two at the outside, and that was to force the teams concerned to constantly maintain a good understanding of what it was that they were supporting and why, including all the links with ...