Comment by fanf2 3 years ago A bit difficult when providing services to third parties who can use any client software :-/ 2 comments fanf2 Reply tedunangst 3 years ago That's actually probably easier than getting a browser to work with a forbidden cert, how dare you. justsomehnguy 3 years ago Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.
tedunangst 3 years ago That's actually probably easier than getting a browser to work with a forbidden cert, how dare you.
justsomehnguy 3 years ago Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.
That's actually probably easier than getting a browser to work with a forbidden cert, how dare you.
Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.