Certificate expiry can cause outages within openshift. Following advice from letsencrypt (https://letsencrypt.org/2015/11/09/why-90-days.html), having shorter expiry time helps limit damage from key exposure and helps enforce automation tools for certificate rotation. So, RFE is: * shorter certificate expiry times with automated rotation ability (90d expiry with 30d rotation? or 28d expiry with 7d rotation?) * monitoring tools to check for imminent expiry date in case auto-rotation fails
*** This bug has been marked as a duplicate of bug 1293395 ***