this post was submitted on 02 Oct 2023
308 points (93.8% liked)
Sysadmin
7716 readers
12 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I do have a private ca service running on an internal ec2 instance, but all the AWS workspaces broker checks is if the device cert being passed by the thinclient was signed by one of the two signing certs you've loaded into the service, so the private ca itself still doesn't manage revocation in this case.
I do appreciate the suggestion. My main goal in sharing this use case was to show folks that there are many places certificate are used that let's encrypt isn't geared up to solve. Other examples are things like signing Microsoft API requests, etc.
Anyway, have a great day!
Oh fun. Thanks for sharing! Have a great day, yourself!