Oh no, not just my build server, Microsofts build server… Everyones’ Azure build server - (if you’re building on windows)

  • Bappity@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    1
    ·
    6 days ago

    certificates fucking destroy everything in my work for an hour once every year

    • lud@lemm.ee
      link
      fedilink
      arrow-up
      21
      ·
      6 days ago

      You are supposed to be tracking when they expire and then renew/replace them before they expire.

      • MajorHavoc@programming.dev
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        6 days ago

        You are supposed to be tracking when they expire and then renew/replace them before they expire.

        I’ve been told that, as well, but I’m not sure I see it… Seems like a lot of effort… (This is sarcasm. Or is it just too much honesty?)

    • skuzz@discuss.tchncs.de
      link
      fedilink
      arrow-up
      12
      ·
      6 days ago

      Certs have existed a long time, are never implemented correctly, and the expiration cycle that is supposed to bolster security just causes pain as a result.

      Certs should just be redesigned to have a kill switch. CRLs were supposed to handle that, but are rarely implemented or implemented correctly.

      Certs are also used in so many places where they may not be suited to the task, but because they exist, they’ve become the de-facto standard.

      A temporal expiration system seems flawed from the beginning anyway. What, you don’t trust your system anymore just because time has passed? Time is always passing. Are we all secretly racist against clocks now?