Self-Signed certificates issued by an Internal CA

[Tarun Trivedi <ttrivedi () WAUBONSEE EDU>]

Hi

My apologies for cross-posting this with NETMAN.

I would like to learn if there are best practices in management of
internal self-signed certificates that are used to trust institution's
internal network services.

Specifically, if there is a standard in setting up expiration date or
if there are any risks in setting up maximum allowable time limit. If
there is a central way to monitor certificates issued by various OS's
and applications.

I would appreciate you sharing your process/procedure(s) on this
topic.

Thank you.

Tarun.