Recently we started using our certificate thumbprint in one of our applications and we observed that the CF certificate has been changed (actually, the thumbprint changed while the date it was issued did not), and this raised the following question:
What are the scenarios in which the certificate thumbprint would change, other than expiration? Can it be completely random? Does the likelihood of it changing increase with being DDosed? Is there a fixed list of scenarios?