Luckily I am using only traefik and everything goes through it that it needs for.
Can’t imagine how annoying it would be to interface with every equipment so there are no https errors…
Comment on Decreasing Certificate Lifetimes to 45 Days
Passerby6497@lemmy.world 18 hours ago
I’ve been dreading this switch for months (I still am, but I have been, too!) considering this year and next year will each double the amount of cert work my team has to do. But, I’m hopeful that the automation work I’m doing will pay off in the long run.
Appoxo@lemmy.dbzer0.com 13 hours ago
non_burglar@lemmy.world 18 hours ago
Are you not using LE certbot to handle renewals? I can’t even imagine doing this manually.
Passerby6497@lemmy.world 17 hours ago
Personally, yes. Everything is behind NPM and SSL cert management is handled by certbot.
Professionally? LOL NO. Shit is manual and usually regulated to overnight staff. Been working on getting to the point it is automated though, but too many bespoke apps for anyone to have cared enough to automate the process before me.
Zanathos@lemmy.world 6 hours ago
I’m in the same boat here. I keep sounding the alarm and am making moves so that MY systems won’t be impacted, but it’s not holding water with the other people I work with and the systems they manage. I’m torn between manual intervention to get it started or just letting them deal with it themselves once we hit 45 day renewal periods.
LordKitsuna@lemmy.world 6 hours ago
Can you not just setup an nginx reverse proxy at the network edge to handle the ssl for the domain(s) and not have to worry about the app itself being setup for it? That’s how I’ve always managed all software personal or professional
groet@feddit.org 10 hours ago
One reason for the short certs is to push faster adoption of new technology. Yes that’s about new cryptography in the certs but if you still change all your certs by hand maybe you need to be forced …