Hacker News new | ask | show | jobs
by allthetime 85 days ago
"yet another chore"

use cloudflare, never think about it.

or

use certbot, never think about it.
1 comments
dmitrygr 85 days ago
I am curious how long the approval process in some large corp or the military would be for either of those options...

Hand over our private keys to a third party or run this binary written by some volunteers in some basements who will not sign a support contract with us...

link
icedchai 85 days ago
I've worked with large "enterprises" that refuse to use the easy-to-automate certificate services, including AWS Certificate Manager. They would rather continue to procure certificates through a third party, email around keys, etc. They somehow believe these archaic practices are more secure.
link
hananova 85 days ago
Well they can either automate it, or soon spend literally every waking moment in a cycle of paperwork to chase the next renewal.

The whole point was to force automation, and if corps want to be stubborn that's no skin of my back, the shorter durations are coming regardless.

link
allthetime 85 days ago
In this case some manual work may need to be done.
link