IIRC, it is to encourage automation, and short term certificates are somewhat more secure (shorter period of use if one leaks and it isn't revoked; shorter period to attack the keys [shouldn't be an issue in any reasonable time period, but it can't hurt to limit it] etc.)
IIRC, it is to encourage automation, and short term certificates are somewhat more secure (shorter period of use if one leaks and it isn't revoked; shorter period to attack the keys [shouldn't be an issue in any reasonable time period, but it can't hurt to limit it] etc.)