[randomf1fan]

Yes, that's a fair point.

However, it's still better than having expired certs and a team trying to figure out who owns the app, trying to get in touch with them, asking them to update the cert, finding out that they are no longer with the company...

It's even worse when the service is something that a small team created as a POC - which then became customer facing and mission critical, with the team having moved on to something else.

And it's funny how often this happens over a holiday weekend.

Yes, I know that the issues are deeper and more to do with large company process and bureaucracy than anything technical. But at least you can have secure services that don't fall over.