Hacker News new | ask | show | jobs
by nottorp 43 days ago
Mine are automated. Somehow it reminds me of prayer wheels though...
1 comments
Dylan16807 43 days ago
Forcing certificates to expire in less than a year means people don't forget how to update them, which is a big benefit.

And once people automate, short-lived certificates are a workable plan B for how to revoke certificates and have the revocation actually work.

These are both reasonable goals.

link
nottorp 42 days ago
> people don't forget how to update them

Seriously? I don't even remember how the letsencrypt auto renew service is called. No idea how I did the initial setup either.

link
Dylan16807 42 days ago
Yes, seriously. Forgetting how to set up the automation is a different and significantly smaller issue.
link