...
Certificates can be obtained for a 1 or 2 year period. Warning emails will be sent by InCommon to the certificate owners as the expiration date nears. For CUIT systems managed by the Systems Sourcing and Engineering Team, a Service Now incident will be automatically opened to track the certificate renewal. For other CUIT Systems, the Desktop Engineering Client Services group will manage those certificates in collaboration with the Service Owners.
Exceptions:
CUIT assumes no responsibility for the expiration of certificates on non-CUIT systems. It is the certificate owner’s responsibility to request a new cert when needed. For Certs which are for non CUIT Systems, expiration notices are not processed as the certificate owner also receives the request and can renew if needed.
SSL Termination at F5
For Systems behind the F5 Load balancers, SSL termination occurs at the F5 where wildcard certs are utilized.
Reusing CSRs
Certificate Signing Requests (CSR) shall not be reused. Users must generate and submit new CSRs whenever certificates are renewed.
...