> > And based on my reading of the intro these keys need to be updated at > > least monthly? > > > > Michael > > The frequency keys need to be changed is based on their > strength (size). The current recommendations are very > conservitive and also factor in that humans need to repeat > operations regularly to get them correct and not forget how > to do the rollover. From a crypto standpoint alone you, > generally, don't need to roll keys monthly. > > As more and more automation takes place the frequency of > rolling keys will fall more and more into line with their > crypto strength rather than be driven by human requirements. > > SSL certificates are valid for multiple years and they use > the same crypto. They are also simpler to use at this point > in time. Buy and copy into place.
So for the domain name "networkstuff.co.nz", I would need to buy a certificate for "networkstuff.co.nz" or would it need to be a wildcard certificate? ie: "*.networkstuff.co.nz" as these are expensive...
