• nickwitha_k (he/him)
    link
    fedilink
    -51 year ago

    So is using “pass” as the password to all of your sensitive systems. Still not best, or even good practice.

    • JWBananas
      link
      fedilink
      English
      181 year ago

      Are you conflating self-signed and untrusted?

      Self-signed is fine if you have a trusted root deployed across your environment.

      • nickwitha_k (he/him)
        link
        fedilink
        41 year ago

        Correct. If using actual pki with a trusted root and private CA, you’re just fine.

        I took the statement to mean ad-hoc self-signed certs, signed by the server that they are deployed on. That works for EiT but defeats any MitM protection, etc.