Are these genuinely being hand rolled in an enterprise environment? Unless it’s completely impossible to automate then I can’t be sympathetic to companies that are just doing it wrong.
There’s lots of equipment that can’t accept certificates automatically. If they can, it might be in a closed off way that’s difficult to impossible to reverse engineer. If you can, that’s still a lot of skill and labor, which drives up the cost. They also might find out that it would be insecure to do it automatically.
Who is buying SSL certs for $300? Is this an enterprise thing? I’m using free certs on AWS. LetsEncrypt is also fine for self-hosting.
It’s way more than 300 if you want all the bells and whistles and many SANs even
It is an enterprise thing, yes.
$300 sounds ok for an enterprise thing
It’s more of an issue when it’s every 90 days. Even worse is the labor cost to replace the certificate on everything that needs it every 90 days.
Are these genuinely being hand rolled in an enterprise environment? Unless it’s completely impossible to automate then I can’t be sympathetic to companies that are just doing it wrong.
There’s lots of equipment that can’t accept certificates automatically. If they can, it might be in a closed off way that’s difficult to impossible to reverse engineer. If you can, that’s still a lot of skill and labor, which drives up the cost. They also might find out that it would be insecure to do it automatically.