undefined | Better HN

0 pointsAnIdiotOnTheNet4y ago0 comments

I think that's exactly what parent is getting at though: it's a pain to manage certs for your own internal stuff and even worse for third party stuff in your environment. Rather than say "well, just hire more IT people" we should really come up with a simpler and easier solution if we want to actually see adoption.

0 comments

2 comments · 1 top-level

qbasic_forever4y ago· 1 in thread

Like I said, spend some time to investigate the space. There are lots of tools to ease the burden of running your own internal CA. For example: https://smallstep.com/certificates/ But really you probably want to use your OS' group machine management systems, like AD on Windows, to handle this with lots of machines.

hultner4y ago

That looks really nice, bookmarked for later. In general I agree with the previous commenter, Let’s Encrypt made TLS easy on the public net, but for small teams/organizations TLS in local networks with local host names is still a pain.

j / k navigate · click thread line to collapse