Connections over Public Networks Should Use a PKI Certificate

A PKI certificate is a special type of digital certificate used to connect over public networks like the internet. The certificate can be used to make a secure VPN connection, a SSL connection or be part of two factor authentication. Depending upon the connection you require, it will determine the kind of certificate you have to create.

Make Sure to Include an Expiration Date in a PKI Certificate

Anytime you create a new PKI certificate you should set a certificate expiration date. Failing to set an expiration date means the certificate remains valid for an indefinite period of time. For example, if an employee was to leave your company and their computer is reassigned and still contains the certificate, the new employee would be able to use the certificate to access resources. By setting an expiration date you can control access to your resources and limit the amount of time the certificate is valid. Once the certificate expires users are no longer able to use that certificate and will have to request a new one.