Maintain valid TLS certificates by automating renewal and deployment before expiry.
Networking / Loadbalancer / Controls / DEV
Automate Certificate Renewal
CCC.LB.CN08 · Encryption
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.LB.CP11 | SSL/TLS Termination | Process of decrypting SSL or TLS encrypted traffic at the load balancer level rather than at the backend servers. This allows the load balancer to offload the decryption task from the backend servers. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.LB.TH07 | TLS Certificates Are Expired or Invalid | Stale or untrusted certificates weaken encrypted-traffic protection. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.LB.CN08.AR01 | When a certificate is within 30 days of expiry, automated renewal MUST complete and deploy a new certificate within 24 hours. | tlp-green, tlp-amber, tlp-red |