Comment by ffsm8

1 day ago

Yes, we had lengthy discussions in itops (I had a admin role when LE was launched) about it.

The team lead couldn't get over the slogan "devops, automating downtimes since 2010" whenever someone wanted to add a new nonessential automation that does things on prod servers.

I mean he wasn't completely wrong, it was a non essential automation with high risk and very little reward (<1h saved every 2 yrs), which is why we never switched to LE for our main site, only internal tooling was allowed to use it

2 comments

ffsm8

Reply
cpach  1 day ago

Perhaps you know this already but in the future, certs issued by a “real” CA will not be allowed to live for more than 47 days.

https://www.digicert.com/blog/tls-certificate-lifetimes-will...

  • ffsm8  1 day ago

    I didn't know that, interesting.

    I was merely retelling an anecdote about how LE was always positioned to be exclusively about refreshing certs automatically, though. As I've moved out of (dev-)ops roles around 2016/2017 so I'm really not up to date with operations topics