If you want to create an SSL certificate for multiple subdomains, you could either use a wildcard certificate like *.example.com or you could use an SSL certificate with SubjectAlternativeName (SAN). For example, if you create an SSL certificate with SubjectAlternativeName (SAN) like this: CN: gitlab.example.com SAN: registry.example.com, mattermost.example.com In my understanding it was one main […]
While most Linux Kernels nowadays come with nice sysctl defaults, there’s always room for improvement. Some parameters can be used for performance tuning, others can be critical for security hardening. What is sysctl? sysctl is an interface to view and dynamically change parameters in Linux and other *NIX operating systems. In Linux, most of the dynamic Kernel settings can be […]
In this blog post we show you how to add a custom certificate authority to the trusted certificate authorities of an OS distribution. Additional, we’ll publish an Ansible playbook to manage the trusted certificates.
When you’re using Ansible or any other configuration management tool, you might come in contact with deploying SSL certificates sooner or later. While deploying public SSL certificates isn’t a security issue at all, the deployment of private keys become more critical – at least if you want to deploy them securely.