That’s fair, it’s more a reflection that it doesn’t apply in their environment. Eg they can’t leverage it with their PKI setup anyways.
-
-
In my extensive PKI experience enterprise customers trust many roots and any special semantics your code introduces won’t be understood ...
1 reply 0 retweets 0 likes -
By those people who expect it to work like every other product.
1 reply 0 retweets 0 likes -
FWIW, I've just written almost exactly the same code as the Hashicorp code and I do think there's a misunderstanding here.
2 replies 0 retweets 0 likes -
Replying to @BRIAN_____ @armon and
CN is a ambiguous name by which an object is know in some limited scope and conforms to the naming conventions of the associated scope.
2 replies 0 retweets 0 likes -
First, in these custom PKIs the CN isn't necessarily ambiguous, though people often don't realize that in their environment it is.
1 reply 0 retweets 1 like -
Replying to @BRIAN_____ @rmhrisk and
Second, there probably should be a toggle "make it work according to what the last k8s docs I read told me to" vs "do it the right way."
1 reply 0 retweets 1 like -
-
kubernetes.
1 reply 0 retweets 1 like -
Many of these setups are doing no authentication between nodes and so even the config where any issued cert is trusted is an improvement.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.