4d ago · 14 min read · If you've been following this series, you know I've been building a production-grade Kubernetes homelab on three Raspberry Pi 4s. In the previous posts, I covered the hardware setup, OS installation,
Join discussion
May 25 · 15 min read · Originally published on dotnethow.net If you build SaaS for long enough, somebody will ask for custom domains. Their your.customdomain.com should hit your platform and serve their content, and they wa
Join discussion
May 22 · 3 min read · Managing JWT signing keys and TLS certificates is one of those problems that seems solved until it isn't. Every team I've worked on has the same story. Certificates get generated once, dropped into a
Join discussionMay 11 · 8 min read · A certificate was loaded. Java said nothing. The server just closed the door. I was performance testing a REST API that required mutual TLS (mTLS) authentication. The setup looked correct — .pfx cert
Join discussionMay 10 · 11 min read · Most teams pick a wildcard certificate the same way they pick coffee: whatever the team running the infrastructure happened to grab first. Then someone leaks the key, and you discover that one .pem file was authoritative for 200 subdomains, including...
Join discussionMay 8 · 11 min read · SC-081v3 is the CA/Browser Forum ballot that staged a phased reduction of public TLS certificate lifetimes from 398 days down to 47 days between March 2026 and March 2029. Apple proposed it. The CAs voted against it. It passed anyway, and it's alread...
Join discussion
