Unsung was engaged to execute the replacement of an Issuing CA certificate and coordinate the re-issuance of all 15,000 end entity certificates deployed across the enterprise, maintaining zero business or operational impact. This engagement was necessitated by the underlying technology stack reaching end-of-life.

The client established a new hosting platform to support a replacement Issuing CA. However, the migration itself presented substantial complexity given the scale of certificate deployment, the diversity of certificate consumers, and the critical nature of many certificate-dependent services.

Unsung successfully executed a complex, large-scale certificate migration whilst maintaining operational continuity.

Unsung conducted detailed analysis of Certificate Signing Requests submitted over the previous 12 months, providing comprehensive understanding of certificate usage patterns. The team collaborated closely with the client to define a risk-based migration strategy.

Comprehensive business communications were developed and deployed, with additional support resources mobilised throughout the migration period to respond promptly to incidents and ensure service continuity.

A diverse range of nuanced certificate requirements was identified across various end entity certificate consumers. Customer decision-making delays, combined with a fixed certificate expiry deadline, required implementation of tactical measures to maintain operational continuity.

These tactical measures included accelerated testing cycles, prioritised migration of certificates approaching expiry, and deployment of additional support resources to enable parallel migration activities.