Comment by digitalPhonix 2 months ago
How? An internal CA is just a self-signed certificate that you’ve told your device to trust, and to trust other certificates signed by it.
Somewhere you still need to trust a self-signed certificate.
You can guard the root certificate better than the leaf certificate. For example, you can keep it offline in an air-gapped environment.
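The difference discussed in this thread, as an added example that is not part of any comment: clients hold only `root.pem`, the root key is needed only at signing time, and a leaf can be replaced without touching any trust store. All names (`demo-root`, `app.internal.example`, the file names) are constructed, and `rm root.key` stands in for moving the key to offline storage.

```shell
#!/bin/sh
# Added illustration; every name here (demo-root, app.internal.example) is constructed.
set -eu
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT; cd "$WORK"

# Minimal config so the script does not depend on the system openssl.cnf.
cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = demo-root
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:app.internal.example\n' > leaf.ext

# issue NAME: new leaf key and CSR, signed by the root (the only step that needs root.key).
issue() {
  openssl req -new -newkey rsa:2048 -nodes -config ca.cnf -subj "/CN=app.internal.example" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
  openssl x509 -req -in "$1.csr" -CA root.pem -CAkey root.key -CAcreateserial \
    -days 90 -extfile leaf.ext -out "$1.pem" 2>/dev/null
}

# status CERT: the decision of a client whose trust store holds only root.pem.
status() {
  if openssl verify -CAfile root.pem "$1" >/dev/null 2>&1; then echo trusted; else echo rejected; fi
}

# 1. Root CA: self-signed, created once, distributed to clients as root.pem.
openssl req -x509 -new -newkey rsa:2048 -nodes -days 3650 -config ca.cnf \
  -keyout root.key -out root.pem 2>/dev/null

# 2. Issue a leaf, then its replacement (rotation); clients are not reconfigured.
issue app-v1
issue app-v2

# 3. The root key goes offline; verification below needs only root.pem.
rm root.key

# 4. A plain self-signed certificate for the same name, not issued by the root.
openssl req -x509 -new -newkey rsa:2048 -nodes -days 90 -config ca.cnf \
  -subj "/CN=app.internal.example" -keyout rogue.key -out rogue.pem 2>/dev/null

for c in app-v1 app-v2 rogue; do echo "$c: $(status "$c.pem")"; done
```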