All the devs at my company kind of hate it because it's always breaking stuff. I think it's cool in theory, but they have basically zero automated support on how to get the certificate installed.
They have manual instructions on how you add the certificate to the Java key store, and NPM key store, and the python key store, and the OS key store, etc...
And my whole thing is: won't malware use those same key stores? Won't malware detect that the certificate isn't passing and then just default to HTTP?
I'm starting to think it's security theater.
StrauXX 1 hours ago [-]
One of my team colleagues solved this one at hacklu. It was a wild ride from what I heard.
Rendered at 21:37:34 GMT+0000 (Coordinated Universal Time) with Vercel.
All the devs at my company kind of hate it because it's always breaking stuff. I think it's cool in theory, but they have basically zero automated support on how to get the certificate installed.
They have manual instructions on how you add the certificate to the Java key store, and NPM key store, and the python key store, and the OS key store, etc...
And my whole thing is: won't malware use those same key stores? Won't malware detect that the certificate isn't passing and then just default to HTTP?
I'm starting to think it's security theater.