|
|
|
|
|
|
by lazyweb
482 days ago
|
|
|
I'm hosting my own internal CA using Hashicorp Vault and some ansible + CI. The root CA is valid for 20 years, intermediate CA 10 years, client certs three months. Initial setup is a handful of commands interacting with Vault's CLI, from there, with CI in place, client certs are renewed automatically. Services are restarted / reloaded as well. Works flawlessly. I should maybe write a (small) blog explaining how it works. |
|
|