TLS certificates for internal services done right

This technical post discusses the implementation of TLS certificates for internal network services using a split-horizon DNS strategy. The author argues that using public CAs with WAF-protected internal services is more efficient than managing self-signed certificates across multiple clients.
Title is a bit clickbait-y — YMMV, but let me explain why I think “this is the way”. Let’s start with a simple example — we have a server which hosts bunch of HTTP services. Some of those services are external, others internal. In order to reach the internal ones you need to be connected to the VPN.
Get the full story
Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.
Create free accountAlready have an account? Sign in