Article may be outdated

This article is 9 days old. Some details may have changed since publication.

Hacker News·6 min read·hard

TLS certificates for internal services done right

M
mrl5
TLS certificates for internal services done right
AI Summary

This technical post discusses the implementation of TLS certificates for internal network services using a split-horizon DNS strategy. The author argues that using public CAs with WAF-protected internal services is more efficient than managing self-signed certificates across multiple clients.

Title is a bit clickbait-y — YMMV, but let me explain why I think “this is the way”. Let’s start with a simple example — we have a server which hosts bunch of HTTP services. Some of those services are external, others internal. In order to reach the internal ones you need to be connected to the VPN.

Continue reading on Headlinne

Create a free account to read the full article.

Read full article →
technologystartups

Get the full story

Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.

Create free account

Already have an account? Sign in

TLS certificates for internal services done right — Headlinne — headlinne