Hacker News new | past | comments | ask | show | jobs | submit login

If you work in a corporate environment, you would probably notice that systems that insist on bundling their own certs without an easy to activate option of using system cert store are broken. (And even if the library has an easy to use option, if it's easy to not expose it, much software built on the library will still be broken.)

People should be empowered to substitute cert stores, but the system store should be the default.




A lot of corporate environments are fortunately legally bound and/or princilped about not doing mitm and are using the happy path of internet CAs.


You don't need to be doing MITM to get value out of using an internal CA.


It's a pain, sometimes it's worth it, oftentimes not.


Why yes, my web crawler operates in a corporate environment. It's almost as if different companies have different needs.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: