Improve Certificate Checking & Rotation Process
Proper certificate hygiene includes frequent rotation of certificates. In a large fleet of devices this may not be something that can be done instantly, so there should be a more flexible way to define what is trusted other than a single cert.
A generic cert can easily be copied from one device to another allowing a clever use to spoof the check on an unmanaged device.
5
votes
AdminDan Dennhardt
(Product Manager, Box)
shared this idea
In April we released support for unique per device and have updated our cert validation mechanism to be more robust.