1 comment

[ 3.6 ms ] story [ 15.8 ms ] thread
I am not even sure I buy the automation increases security posture claim.

When I was automating my own LetsEncrypt cert updates, I had to effectively expose my DNS API keys to the same runtime environment as the ACME client (I could have created a thinner interface between two compartmentalized services with more effort, true), thus increasing the chances of an exploit in one flowing into the other. And with a bug in certificate automation, your entire domain is open to hijaacking too.

Not to mention that I have to push the same certs to other services running on the same IP (like my self-hosted email), which really works against my encapsulation of every service inside a separate VM (if automated). So an automation exploit and there goes my mail server too (you need to set certs up as a user with sufficient permissions to reconfigure the mail server).