Auto Renew Let’s Encrypt Certificates
I’m a big fan of Let’s Encrypt (free, widely trusted SSL certificates) but not a big fan of most of the client software available for requesting and renewing certificates. Unlike a typical certificate authority, Let’s Encrypt doesn’t have a webui for requesting/renewing certs; everything is driven via an automated process that is run between a Let’s Encrypt software client and the Let’s Encrypt web service.
Since the protocols that Let’s Encrypt uses are standards-based, there are many open source clients available. Being security conscious, I have a few concerns with most of the clients:
- Complication. Many of the clients are hundreds of lines long and unnecessarily complicated. This makes the code really hard to audit and since this code is playing with my crypto key material, I do want to audit it.
- Elevated privilege. At least one of the clients I saw required root permission. That’s a non starter.
I can’t remember how, but I discovered a very clean, very simple client called acme-tiny at github.com/diafygi/acme-tiny. This script was obviously written by someone who shares the same concerns as I do and I highly recommend it to others.
I used acme-tiny to request my initial certificates — and it Continue reading
10 key considerations when building a private cloud
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
A private cloud enables enterprises to secure and control applications and data while providing the ability for development teams to deliver business value faster and in a frictionless manner. But while building a private cloud can transform IT, it can also be an expensive science experiment without careful planning and preparation. Here are ten considerations that will help ensure success.
1. Involve the stakeholders. Private clouds are not purely an IT project. The various business units that will be the actual users should be involved in figuring out the specifications and deliverables. A cloud changes the transactional relationship between IT and business. Both sides have to be engaged in figuring out and accepting how that relationship changes with a private cloud.
To read this article in full or to leave a comment, please click here
SD-WAN takes advantage of the 100x MPLS/Internet price gap
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Everyone is generally aware that MPLS is expensive compared to Internet connectivity (check out “Why MPLS is so expensive”), but are you aware exactly how enormous the difference is? Even with MPLS prices coming down, the precipitous drop in Internet prices has made the gap larger.
A few years ago MPLS typically cost $300-$600 per Mbps per month for the copper connectivity (i.e. n x T1/E1) typically deployed at all but the largest enterprise locations, while today in most of North America and much of Europe a more typical range is $100 - $300 per Mbps per month.
To read this article in full or to leave a comment, please click here
HPE Buys Big Data Analytics Company SGI for $275M
Tapping into the growth of high performance computing.
China Mobile Eyes 5G-enabled Drones To Solve Network Latency
Drones are deployed at the cellular edge.
Worth Reading: NTP is still a security risk
The post Worth Reading: NTP is still a security risk appeared first on 'net work.