Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is a decent rant, and I mostly share your frustration.

But At least GCP and AWS have certificate authority products which essentially do work the way you want them to:

https://cloud.google.com/certificate-authority-service https://aws.amazon.com/private-ca/

Azure may well have one too, I just don't use their service.



You just answered a rant about too much ceremony by linking to an entire service that costs a staggering USD 400 / month. That’s the cost of an FTE in like half the world… to issue what are essentially “fat passwords”.

Imagine with a straight face trying to sell someone a “password generator service” when in reality that’s just a one line script snippet.

The disconnect between the physical reality on the ground and how it is treated by industry is just absurd.

Ref: https://aws.amazon.com/private-ca/pricing/

Getting a signed cert issued should be a one-liner script referencing an AWS KMS or an Azure KeyVault!


Azure will let you tap into a HSM too




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: