cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Short-Lived TLS and keystores

aldets
Frequent Contributor

‎03-25-2026 01:40 AM

Hi,

 

Since we are using On-Premise only then the latest changes by CA/Browser (CA/B) Forum which will enforce Short-Lived TLS Certificates well effect us. An article for reference:
Certificates Lifespan 47 days 

Well, my question is, if Sinch is planning to improve the overall certificate and keystore creation for ECF and RI VU's? At the moment we cycle the keystores manually once a year, but doing that almost once a month for each customer will be time consuming. We have automated to some extent the Keystore creation, but changing them (change the alias in cacerts and restarts for the VU) are still done manually.

Or are there some other alternatives?

 

Kind regards,
Alder

0 Kudos
1 REPLY 1

Jukka
Employee
Employee

‎04-23-2026 06:00 AM - edited ‎04-23-2026 06:00 AM

Hi, 

Apologies for late response. 

This is for sure a topic that will get attention in near future. And for now, Contact Pro development has not taken any actions. I'm going to start collecting information around the topic right now and we will see what the recommendation will be. If you have comments or thought - share those with me. 

 

One possible candidate for solution is to use proxy between application server and user. This way you can have a public certificate from proxy and connection between proxy - application server can use a private certificate with longer lifespan. 

BR,
Jukka

Jukka Suhonen, Contact Pro Product Owner