All SoCS web servers have connections protected by TLS encryption (mostly HTTPS). These certificates need to be renewed

SocS uses CCS to provide the certificate through their contract with Entrust. This is a wildcard certificate that can be applied to any server we have.

The max renewal time for one of these certificates is one year, so this process must take place annually

The process involves downloading the new certificate on each server and replacing the old one with the new. The web service (apache/nginx) must then be restarted