this post was submitted on 16 Oct 2024
192 points (91.4% liked)

Technology

59589 readers
3394 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] cupcakezealot@lemmy.blahaj.zone 16 points 1 month ago (2 children)

spending $300 every 90 days instead of 365 days is so much better /s

i hate apple so much

[–] lud@lemm.ee 20 points 1 month ago* (last edited 1 month ago)

I was in a meeting before the summer discussing this with Digicert we asked if you would need to pay every 90 days.

They answered that certs will still be bought at 1, 2, or 3 year intervals but can be renewed for free every 90 days.

It's pretty obvious when you think about it really.

[–] pixely@lemmy.world 20 points 1 month ago (2 children)

Who is buying SSL certs for $300? Is this an enterprise thing? I’m using free certs on AWS. LetsEncrypt is also fine for self-hosting.

[–] kn33@lemmy.world 15 points 1 month ago (1 children)

It is an enterprise thing, yes.

[–] jbk@discuss.tchncs.de 8 points 1 month ago (1 children)

$300 sounds ok for an enterprise thing

[–] kn33@lemmy.world 6 points 1 month ago (1 children)

It's more of an issue when it's every 90 days. Even worse is the labor cost to replace the certificate on everything that needs it every 90 days.

[–] pixely@lemmy.world 1 points 1 month ago (1 children)

Are these genuinely being hand rolled in an enterprise environment? Unless it’s completely impossible to automate then I can’t be sympathetic to companies that are just doing it wrong.

[–] kn33@lemmy.world 3 points 1 month ago

There's lots of equipment that can't accept certificates automatically. If they can, it might be in a closed off way that's difficult to impossible to reverse engineer. If you can, that's still a lot of skill and labor, which drives up the cost. They also might find out that it would be insecure to do it automatically.

[–] Evotech@lemmy.world 2 points 1 month ago

It's way more than 300 if you want all the bells and whistles and many SANs even