CertCutover

rollover checklist

Zero-downtime AS2 certificate cutover

Work top to bottom. The order matters more than the crypto — most outages come from removing the old certificate before every partner confirmed the new one.

Before you start (60+ days out)

Issue and stage

Notify partners

Cut over

Clean up

The two lines that cause outages: "track status per partner" and "remove the old certificate only after every partner is confirmed." Coordinating that across dozens of partners is exactly what CertCutover is being built for.