Hello,
Managing certificates is getting more and more a nightmare as the valid lifetime will be reduced to 47 days, especially on devices and virtual appliances that don't support any kind of automatic renewal protocol.
What are the options in FMC to automatically renew VPN peer certificates signed by an external public CA? Currently FMC 7.4 only supports EST and SCEP enrollment. [1] None of them supports automatic renewal. Also latest FMC 7.7 does not support ACME. We also use the VPN peer certificate for signing SAML requests for Microsoft EntraID, so renewing a certificate for a VPN peer involves multiple manual steps.
[1] https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/objects-certs.html
