A better practice is have quick expiration times on your certificates