undefined | Better HN

0 pointsnottorp1d ago0 comments

Mine are automated. Somehow it reminds me of prayer wheels though...

0 comments

Forcing certificates to expire in less than a year means people don't forget how to update them, which is a big benefit.

And once people automate, short-lived certificates are a workable plan B for how to revoke certificates and have the revocation actually work.

These are both reasonable goals.

nottorpOP5h ago

> people don't forget how to update them

Seriously? I don't even remember how the letsencrypt auto renew service is called. No idea how I did the initial setup either.

Yes, seriously. Forgetting how to set up the automation is a different and significantly smaller issue.

j / k navigate · click thread line to collapse