4.9 • 696 Ratings
🗓️ 10 July 2025
⏱️ 5 minutes
🧾️ Download transcript
Click on a timestamp to play from that location
0:00.0 | Hello and welcome to the Thursday, July 10, 2025 edition of the Sands and then at Storm Center's Stormcast. |
0:08.2 | My name is Johannes Ulrich and this episode brought you by the Sands.edu graduate certificate program in instance. |
0:16.1 | Response is recorded in Jacksonville, Florida. |
0:20.4 | In Diaries today, I just did a quick write-up about setting up your own certificate authority |
0:25.0 | sort of for development purposes. |
0:27.0 | So this particular write-up doesn't focus on how to do it super secure, but how to do it |
0:33.6 | convenient and integrated well with various development tools and development websites |
0:39.2 | that you may have, which in particular means also integrating it with the ACMI protocol. |
0:44.9 | The ACMI protocol, you may be familiar with it from tools like SERD bot that are commonly used |
0:51.0 | to retrieve certificates from Let's Encrypt. |
0:54.7 | But if you set up your own server authority, well, you want to stay simple and |
1:00.4 | use tools like that, well, and you actually can use certbot. |
1:04.5 | There is an open source set of authority from Small Step that implements the AcMI protocol relatively straightforward to set up. |
1:13.6 | They also have commercial products, but this particular product is free and open source, |
1:20.6 | and also well documented and not really all that difficult to set up. |
1:25.6 | One thing to particular note if you are using your own internal set of authority |
1:30.6 | is that you're not bound by any of the constraints of some of the public server authorities. |
1:36.7 | Like, for example, the certificate lifetime. |
1:39.7 | You can create longer, shorter certificates, whatever you would like. |
1:46.0 | You just have to add that certificate authority manually to your operating system or to your browser's list of trusted certificate authorities. |
1:54.8 | Also, keep in mind that when you're doing this, your certificates will not show up in certificate transparency lists. |
2:03.6 | That's actually a big advantage for development websites, |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.