Oh, the good old "let hostname point to 127.0.0.1 and embed the private key in the software running on localhost". This time from @amazon which actually also runs a CA and really should know better...https://koen.io/2019/07/26/underscoring-the-private-in-private-key/ …
-
-
while this is all true, there's a much more mundane reason not to do it: it's forbidden in the baseline reqs and as soon as someone finds it your cert will be revoked+your app broken. not saying everyone should know this - but people handling certificates should.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.