Pease tell me you know of someone where this actually was true: that they made crazy money and they’re set for life.

Because, based on 30 years in and a complete lack of knowledge of anyone who got out and retired early, either personally and via someone I know, I conclude the only people for whom this worked were C-level. Even the smartest man I know didn’t cash in and get out.

I do know someone who retired at 48, though. He was a heavy duty mechanic. Paid off his house in a town he chose specifically for location, and bikes and kite-surfs all summer and skis all winter.

Yeah, mechanic. Union. Half pay for life is still half pay, but it’s FOR LIFE. He won.

That’s a weird implication to suggest.

You configure the VPN in the router the roku connects through.

At birth my fingerprints were the same as his. Mom did that thing where she mixed us up and had to take us back to the GP for ID.

I can still unlock his phone 50-50 with my melon but not as often with the fingers.

That’s too bad. Until Russia returns crimea and pays reparation for all the damage it caused in this belligerent invasion - in cash or clean land - trade needs to be a challenge.

showerhead

Whyis itso hardto puta spacewhere itbelongs?

You’re making so many assumptions about the diet and equipment used by your statistically significant cyclist that it’s almost cherry-picking, my dude. You realize that, right?

Fixed

Worked-around, you mean. And that hack seems temporary.

https://eu-os.eu/ ? No?

OH YEAH !

Is there a docker-free version due?

I certainly hope so! I have too much to do for just one life!

After 15 years? I applaud your gadgetry care and preservation.

The hinge lasts longer than a foldy screen.

Just

Red flag.

serve your website with Caddy

There is no security risk so bad that it can’t be made worse by layering on new tech with its own issues and pitfalls. (Paraphrasing Bruce Jackson)

Also my workplace hosts their own dns

The best way to control the data.

and I think it will be a cold day in hell before they let me do automated updates.

This is of waning value, but don’t jump into half-assed automation early or you end up with problems like route53 hijacking.

If you’re truly unaware of why TLS is necessary or how to automate the process then you should probably retire.

Oof. You’re gonna hit the bottom of the table with your knee like that.

What part of your security training skipped over understanding the customer’s setup before making recommendations?

End users should start getting used to that expired certificate warning in their browser of choice and the process to tell it to continue to the site anyway.

We already have a lot of this, and it’s definitely gonna get worse. Is a security dance so convoluted that people are used to others just messing up really an effective process?

Given the biggest breaches were caused by default passwords and misconfigured S3 outhouses, are we focusing on the right stuff today?

LetsEncrypt also built ACME, so they’re the primary port for testing RFC8555. They’re just gonna work better at it.

But, as above, maybe Digi is still the way for you, with the right tooling glued in.

Good luck!

manual renewals with Digicert has been a pain in the ass. If anyone has experience with their automated option I’d love to hear it.

Aren’t they RFC8555-compatible?

Yep, seems so:

ACME Directory URLs – Get certificate-level automation for Extended Validation (EV) and Organization Validated (OV) certificates. Manage multiple ACME clients, running on Windows or Linux so you can efficiently automate certificate delivery regardless of the quantity of certificates you’re managing. Improve the security of using ACME in your network through our CertCentral discovery sensors. The sensor is an extra layer of security, ensuring the ACME client doesn’t directly speak to an unsecure third party.

If you search for RFC8555 or ACME, you may find a tool you can use that may be compatible for renewing Digicert certs automatically.

I’d love to actually help, but honestly I knew the RFC offhand (correction; I was close but off) and googled the rest myself, so dragging the problem to ACME - like RFK dragging the carcass of a deer back to his sedan - is the best I can do for you today.