1 - 1 of 1 posts
  • Secrets auto-rotation in Azure: Part I - IIS SSL certificates

    Introduction

    With the modern digital world, it's essential to be secure as possible to protect your business and your customers.

    To accomplish this goal, you need to separate secrets for each purpose. If something is compromised, you will need to revoke/rotate only one of many.

    Why do you need to rotate secrets? The answer is straightforward. Short living secrets have the advantage that in the event of a compromise they will work only for a short period until the next rotation.

    From another hand, having short living secrets means that you need to rotate them more often which will cause pain from a secrets management point of view. So you need to automate this process to make your life easier.

    In these series of posts, I want to share some experience in this non-trivial journey!