3d ago · 8 min read · A certificate was loaded. Java said nothing. The server just closed the door. I was performance testing a REST API that required mutual TLS (mTLS) authentication. The setup looked correct — .pfx cert
Join discussion4d ago · 11 min read · Most teams pick a wildcard certificate the same way they pick coffee: whatever the team running the infrastructure happened to grab first. Then someone leaks the key, and you discover that one .pem file was authoritative for 200 subdomains, including...
Join discussion6d ago · 11 min read · SC-081v3 is the CA/Browser Forum ballot that staged a phased reduction of public TLS certificate lifetimes from 398 days down to 47 days between March 2026 and March 2029. Apple proposed it. The CAs voted against it. It passed anyway, and it's alread...
Join discussionMay 3 · 5 min read · What Is an SSL/TLS Certificate When your browser shows a padlock next to the address, it means the connection between you and the server is encrypted. Behind that padlock is an SSL/TLS certificate: a
Join discussionMay 2 · 10 min read · Mutual TLS (mTLS) authenticates both sides of a service-to-service connection using cryptographic certificates, blocking lateral movement and service impersonation inside your network. After being on-call for NTP-drifted VMs rejecting handshakes at 3...
Join discussionApr 28 · 11 min read · The post-quantum cryptography conversation has gotten loud, and most of it is wrong. Vendors are selling "migration programs" to teams that have nothing to migrate yet. Standards bodies shipped enough to confuse procurement and not enough to deploy a...
Join discussionApr 23 · 3 min read · I run a LinkedIn employees scraper on Apify that had a 62% false positive problem. Here is how we fixed it. The false positive problem The first version was a Google dork. Query site:linkedin.com/in/ "TargetCompany" and parse the SERP. Fast, cheap, a...
Join discussionApr 8 · 6 min read · If you've been ignoring the "quantum computing will break encryption" headlines for the last few years, I get it. It felt like a distant problem. But NIST finalized its first post-quantum cryptography standards in 2024, major browsers already support...
Join discussion
