| ▲ | Ask HN: How are you preparing for upcoming short-lived SSL renewals? | ||||||||||||||||
| 7 points by froil 2 days ago | 10 comments | |||||||||||||||||
Any new tools or services or saas you are exploring? Every company have myraid of requirements and stuff. Anyone building new solution? | |||||||||||||||||
| ▲ | weddpros a day ago | parent | next [-] | ||||||||||||||||
I built https://SSLboard.com to manage your certificates at any scale and see what’s deployed, where and how. It’s using Certificate Transparency to inventory your certificates so it requires minimal input but provides a complete audit of deployed certificates. Automation isn't enough: qualys.com (famous for SSLLabs.com) is currently serving an expired certificate (expired 8 days ago). They know their job very well, but without a tool to thoroughly and systematically inventory your certificates, you'll miss it. | |||||||||||||||||
| |||||||||||||||||
| ▲ | comprev a day ago | parent | prev | next [-] | ||||||||||||||||
Not building anything but I'm helping other teams work on their automation to improve rotation processes. A surprising number of Ops colleagues have almost zero exposure to IaC and the short-lived certificates on the horizon has been the necessary catalyst to change this. | |||||||||||||||||
| |||||||||||||||||
| ▲ | kbrannigan 2 days ago | parent | prev | next [-] | ||||||||||||||||
Any more info regarding that. What does that mean? | |||||||||||||||||
| |||||||||||||||||
| ▲ | 2 days ago | parent | prev | next [-] | ||||||||||||||||
| [deleted] | |||||||||||||||||
| ▲ | galaxy_gas a day ago | parent | prev [-] | ||||||||||||||||
Already using acme | |||||||||||||||||