forked from devopsdays/devopsdays-web
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
53 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| +++ | ||
| Talk_date = "" | ||
| Talk_start_time = "" | ||
| Talk_end_time = "" | ||
| Title = "Golang to the rescue: Saving DevOps from TLS turmoil" | ||
| Type = "talk" | ||
| Speakers = ["chris-short"] | ||
| +++ | ||
|
|
||
| If you ever need to validate certificates or certificate chains before | ||
| deploying them, Golang provides a near foolproof test method. | ||
|
|
||
| A 3rd party developed a tool that was then handed off to our DevOps team to | ||
| manage and maintain. Before I could do any re-engineering work, I had to | ||
| resolve a critical issue—the certificates on the ELBs were about to expire and | ||
| needed updating. | ||
|
|
||
| I assumed that if the ELB, NGINX, or httpd started, it was a good sign. This | ||
| was a false assumption on my part and I ended up serving a bad chain for a few | ||
| minutes. This did not break the site, but it was definitely not the way I | ||
| wanted things to remain. | ||
|
|
||
| I needed a tool that would fail if the certificate chain provided was | ||
| incorrect. I wanted a lightweight tool that could be publicly accessible. | ||
| Conducting a third-party analysis of the certificates and configuration was a | ||
| requirement. There were no tools that I could find meeting this need, so I | ||
| decided to build my own. I turned to the open source language, Golang. | ||
|
|
||
| A detailed breakdown of how I built a tiny web server to fit my needs along | ||
| with what each package is doing as detailed in the article linked above. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| +++ | ||
| Title = "Chris Short" | ||
| Twitter = "ChrisShort" | ||
| image = "chris-short.jpg" | ||
| type = "speaker" | ||
| linktitle = "chris-short" | ||
| pronouns = "he/him" | ||
|
|
||
| +++ | ||
|
|
||
| Chris Short has over two decades in various IT disciplines from textile | ||
| manufacturing to dial-up ISPs to DevOps Engineer to Director of DevOps. He’s | ||
| been a staunch advocate for open source solutions throughout his time in the | ||
| private and public sector. He’s a partially disabled US Air Force Veteran | ||
| living with his wife and son in Greater Metro Detroit, Michigan. Check out his | ||
| writing at | ||
| [chrisshort.net](http://chrisshort.net) | ||
| and | ||
| [devopsish.com](http://devopsish.com). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.