Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in


By Steve Jones,

I had it happen to me. We had an SSL certificate for a website that one of my employers ran. I actually purchased the certificate, and it secured our communications for a couple years until one day it didn't. The certificate expired and the website stopped accepting connections. If I had noticed, it might not have been a big deal. However when the owner of the company gets a call from one of his large customers, it's an much bigger issue.

If you worked at Microsoft last year when their security certificate expired, it was an even bigger deal. It's not that an affected customer that sends a note; it's affected, unaffected, and potential customers that hear about the issue from the media. It seems like tracking private virtual properties (PVPs) ought to be easy, but it's not. As pointed out in this piece, there are a number of issues at an organizational level, and while there are fixes, it takes some effort.

In many businesses that have periodic activities required for physical assets, there are often people dedicated to tracking, or performing the activity. Mechanics know about maintenance on vehicles, accountants renew leases, workers replace equipment nearing the end of service. Often the time lines and activities involved are understood, and individuals understand their responsibilities.

This showcases another area in which technology is woefully immature. Need a certificate? It takes a person with specialized knowledge to understand what's needed, purchase it, and install it. This person either then moves on to a new role without leaving instructions behind, or isn't well equipped to understand the need to track the expiration and replacement of the technical item. There often isn't even a system set up to handle replacements of these items, which might be superseded or replaced by some entirely new type of technical wizardry.

Managing and tracking PVPs is hard, and I suspect, going to get harder. Security requirements increase, technical requirements grow, and specifications change. I'd like to say I'm confident Azure (or AWS or another large service) will never have another outage because of this, but I wouldn't be surprised if they do.

Total article views: 70 | Views in the last 30 days: 1
Related Articles


There seems to be quite a flurry of talk these days about certification. There is evidence of it in...


SQL Server 2012: Certification Upgrade Info

As a follow-up to my SQL Server 2012: New Certification Info, Microsoft Learning has announced the c...





Certifications – and a survey.

G’day, There’s a lot of mixed opinions around about certifications. Are they worth while, do they ...


Active August posts

I've started a blog to write down and track my personal goals: The Goal Keeping DBA Since Active A...


Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones