Once upon a time, Grant Taylor via NANOG <[email protected]> said: > Solution 2 (or worse if private CA) involves additional > configuration, additional complexity, additional certificates & keys > to secure, and additional things to break.
If you have such a complicated multi-server setup that includes a need to encrypt your internal traffic, you should definitely be using some configuration management system to make sure you have all the encryption set correctly... at which point another cert is a trivial amount of effort. -- Chris Adams <[email protected]> _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/TSBFMAI365DGMMPSXC62FMZZLHSGKTFP/
