Luckily I am using only traefik and everything goes through it that it needs for.
Can’t imagine how annoying it would be to interface with every equipment so there are no https errors…
Comment on Decreasing Certificate Lifetimes to 45 Days
Passerby6497@lemmy.world 3 weeks ago
I’ve been dreading this switch for months (I still am, but I have been, too!) considering this year and next year will each double the amount of cert work my team has to do. But, I’m hopeful that the automation work I’m doing will pay off in the long run.
Appoxo@lemmy.dbzer0.com 3 weeks ago
non_burglar@lemmy.world 3 weeks ago
Are you not using LE certbot to handle renewals? I can’t even imagine doing this manually.
Passerby6497@lemmy.world 3 weeks ago
Personally, yes. Everything is behind NPM and SSL cert management is handled by certbot.
Professionally? LOL NO. Shit is manual and usually regulated to overnight staff. Been working on getting to the point it is automated though, but too many bespoke apps for anyone to have cared enough to automate the process before me.
groet@feddit.org 3 weeks ago
One reason for the short certs is to push faster adoption of new technology. Yes that’s about new cryptography in the certs but if you still change all your certs by hand maybe you need to be forced …
Zanathos@lemmy.world 3 weeks ago
I’m in the same boat here. I keep sounding the alarm and am making moves so that MY systems won’t be impacted, but it’s not holding water with the other people I work with and the systems they manage. I’m torn between manual intervention to get it started or just letting them deal with it themselves once we hit 45 day renewal periods.
LordKitsuna@lemmy.world 3 weeks ago
Can you not just setup an nginx reverse proxy at the network edge to handle the ssl for the domain(s) and not have to worry about the app itself being setup for it? That’s how I’ve always managed all software personal or professional