Tag : certificates

As of this writing, it is 2019, and the tech-world has generally accepted TLS as a “good thing.” So let’s put certificates on our servers to make sure we’re talking to the right servers, and let’s also put certificates on our clients to make sure that the right clients are talking to the right servers.

We recently added etcd TLS to several environments and leveraged the certificate creation scripts in cf-release/scripts. These are wonderful little scripts but leave it as an exercise to copy and paste in the contents of the flat files into your deployment manifest. After my second copy-pasta a colleague (thanks Tom) created a helpful script to