irelephant [he/him]@programming.devM to iiiiiiitttttttttttt@programming.devEnglish · 2 months agoMicrosoft let the certificate expire for one of their image subdomains.programming.devimagemessage-square23fedilinkarrow-up1194arrow-down10file-text
arrow-up1194arrow-down1imageMicrosoft let the certificate expire for one of their image subdomains.programming.devirelephant [he/him]@programming.devM to iiiiiiitttttttttttt@programming.devEnglish · 2 months agomessage-square23fedilinkfile-text
minus-square_____@lemm.eelinkfedilinkEnglisharrow-up6·2 months agoHow do you all manage this ? They manually create certs at my job then manually move them other to a network drive and then a gpo? policy installs those certs to AD users. I found a way to automate this process (but company didn’t care) But I’m not an IT person, what’s the best approach for doing this on promises?
minus-squareBjörn Tantau@swg-empire.delinkfedilinkarrow-up7·edit-22 months agoLuckily Let’s Encrypt made automation more popular. Every new domain of mine gets a cert that is renewed automatically. I don’t have to worry at all about it.
minus-squareSpaceNoodle@lemmy.worldlinkfedilinkarrow-up3·2 months agoHow do you manage automatic renewal?
minus-squareBjörn Tantau@swg-empire.delinkfedilinkarrow-up3·2 months agoA cronjob calling Let’s Encrypt’s tool. I think it’s called certbot.
minus-squareTenkard@lemmy.mllinkfedilinkarrow-up2·2 months agoI use caddy as reverse proxy and you have to do… Literally nothing. Point the domain at your server and write in the Caddyfile my.domain { reverse_proxy myservice:3000 } It also supports wildcard certificates for many domain services
minus-squareAppoxo@lemmy.dbzer0.comlinkfedilinkarrow-up2·edit-22 months agoFor my personal setup at home: Traefik with LE I think at work my technical lead buys multi-year certs and manually imports them. Some clients of us use LE in some combination with another software.
minus-squarenucleative@lemmy.worldlinkfedilinkEnglisharrow-up1·2 months agoI use a cronjob with cerbot to renew I also have Uptime Kuma setup to alert if certificates are getting close to expiration
How do you all manage this ?
They manually create certs at my job then manually move them other to a network drive and then a gpo? policy installs those certs to AD users.
I found a way to automate this process (but company didn’t care)
But I’m not an IT person, what’s the best approach for doing this on promises?
Luckily Let’s Encrypt made automation more popular. Every new domain of mine gets a cert that is renewed automatically. I don’t have to worry at all about it.
How do you manage automatic renewal?
A cronjob calling Let’s Encrypt’s tool. I think it’s called certbot.
I use caddy as reverse proxy and you have to do… Literally nothing. Point the domain at your server and write in the Caddyfile
my.domain { reverse_proxy myservice:3000 }
It also supports wildcard certificates for many domain services
For my personal setup at home: Traefik with LE
I think at work my technical lead buys multi-year certs and manually imports them.
Some clients of us use LE in some combination with another software.
I use a cronjob with cerbot to renew
I also have Uptime Kuma setup to alert if certificates are getting close to expiration