← Back to context Comment by fanf2 2 years ago A bit difficult when providing services to third parties who can use any client software :-/ 2 comments fanf2 Reply tedunangst 2 years ago That's actually probably easier than getting a browser to work with a forbidden cert, how dare you. justsomehnguy 2 years ago Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.
tedunangst 2 years ago That's actually probably easier than getting a browser to work with a forbidden cert, how dare you.
justsomehnguy 2 years ago Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.
That's actually probably easier than getting a browser to work with a forbidden cert, how dare you.
Yes, but if you can serve multiple certificates on one endpoint (think SNI) then you can add your own self-signed or private PKI certificate to be able to check if all your requests are being intercepted by a lazy adversary.