Hmm. This is interesting. Skimming over
https://docs.aws.amazon.com/acm/latest/userguide/managed-ren... it sounds like it might be a matter of using DNS validation, whatever that is.
So that just leaves the question of registrar. As much as I like Gandi, it seems like a better idea to migrate the domain itself to Amazon too. https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/re...
Theoretically, this would be a self-contained system — the only point of failure is AWS itself. As long as you load your account with a few thousand bucks, perhaps it will last “forever”.
I also like pg’s philosophy of "just pretend https doesn’t exist", but if it’s guaranteed that the automation won’t fail, it seems gratuitously fussy to insist on plain http.
Thanks!