Automate Local TLS Certificates With Step-CA

Science & Technology

As useful as OpenSSL has been for letting me manage TLS certificates for internal IT devices, after a while this becomes time consuming and tedious.
For one thing, there are a few steps to go through to create a certificate, and just before a certificate expires you have to go through more steps to revoke it and then create a new one.
Now while Let's Encrypt allows you to automate certificate provisioning, you'd need a public domain name and would have to be willing to leak details about your internal devices to the public Internet. In other words, it's a bad idea.
So wouldn't it be good if you could have the security benefit of OpenSSL and the automation benefit of Let's Encrypt?
Well, you can, with an open source certificate authority called step-ca.
Not only can you install this on an internal computer, it supports ACME provisioning.
And in this video we'll go over how to install and configure step-ca, as well as demonstrate how to configure Proxmox VE to use it.
For more technical information, including commands used, check out our blog post
www.techtutorials.tv/sections...
Useful links:
smallstep.com/docs/step-ca/
smallstep.com/docs/step-cli/
hub.docker.com/r/smallstep/st...
smallstep.com/blog/private-ac...
www.cyberciti.biz/faq/linux-p...
Chapters
00:00 Intro
01:05 Assumptions
01:21 Initial Setup
08:52 Password File
11:34 Bootstrapping and Testing
14:37 ACME Server Provisioner
16:23 Proxmox VE ACME Client Configuration
26:25 Compose Service Account
35:32 Summary

Comments: 13

  • @itssoaztek4592, 3 months ago

    I learned a lot from your previous videos about creating and using one's own private ca based on openSSL. Very recently I decided to change to step-ca as soon as I can allocate the time to make the change. Imagine how lucky I feel to see you now also have a brand new tutorial on step-ca!!

  • @TechTutorialsDavidMcKone, 3 months ago

    Step-ca has been on my radar for a while and I eventually got round to it. So it was good to be able to finally put it to use.

  • @jasonmako343, 2 months ago

    Thank you for your instructional videos. I find them to be very useful, and appreciate that you don't gloss over the details and, more often than not, provide additional insight. For this implementation when using ACME, how do you include the IP address in the SAN when PVE generates the CSR, in addition to the FQDN, so connecting via IP provides a secure connection? With your recent Ansible videos, it would be interesting to see how much of this process could be automated for existing hosts and new hosts as they are provisioned.

  • @TechTutorialsDavidMcKone, 2 months ago

    I haven't tested this with a SAN or IP addressing, but according to the documentation, step-ca supports this: smallstep.com/docs/step-cli/reference/ca/token/ For PVE, for instance, you can include multiple entries in the domain field. You just have to separate them with a semi-colon, e.g. prox1.servers.com;192.168.12.12. Ansible's very flexible, as you can just execute commands if there isn't a module to support this. So for PVE you have the pve config command available: pve.proxmox.com/pve-docs/pvenode.1.html
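
As an added example (not from the video, its blog post, or the Smallstep or Proxmox projects) of the semicolon-separated domain field the reply above describes, here is a small shell helper that builds that value and then points a Proxmox VE node at a step-ca ACME provisioner. The CA URL, the provisioner name "acme", the account name "default", and a root CA already installed in the node's trust store are assumptions; the IPv4 entry follows the reply's suggestion, which the reply itself says is untested.

```shell
# Build the value for the Proxmox VE "acme" property's domains= key:
# entries joined with ";" (the format the reply above describes).
# Each entry must look like a hostname or an IPv4 address; anything else
# (spaces, a stray ";", shell metacharacters) is rejected so a typo cannot
# silently end up in the node config.
acme_domains_value() {
  out=""
  for entry in "$@"; do
    case "$entry" in
      ""|*[!A-Za-z0-9.-]*)
        echo "invalid ACME identifier: '$entry'" >&2
        return 1 ;;
    esac
    out="${out:+$out;}$entry"
  done
  printf '%s' "$out"
}

# Register the node with step-ca's ACME provisioner and order a certificate.
# Assumptions (placeholders, not from the video): step-ca listens at $1,
# e.g. https://ca.lab.internal:9000, the provisioner is named "acme"
# (step-ca exposes it at <ca-url>/acme/<provisioner>/directory), and the
# step-ca root certificate is already trusted by the node
# (/usr/local/share/ca-certificates + update-ca-certificates), otherwise the
# ACME client will refuse the directory URL.
proxmox_acme_setup() {
  ca_url="$1"; mail="$2"; shift 2
  domains="$(acme_domains_value "$@")" || return 1
  pvenode acme account register default "$mail" \
    --directory "$ca_url/acme/acme/directory"
  pvenode config set --acme "domains=$domains"
  pvenode acme cert order
}

# Usage on the node (constructed values):
#   proxmox_acme_setup https://ca.lab.internal:9000 admin@lab.internal \
#       prox1.servers.com 192.168.12.12
```

Whether step-ca issues the IP SAN through Proxmox's ACME client is exactly what the reply says has not been tested; check the issued certificate's SAN list before relying on it.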

  • @robertjyllhed3245, 3 months ago

    I'm amazed, your content is great, good explaining and a great purpose.

  • @TechTutorialsDavidMcKone, 3 months ago

    Thanks for the feedback. The videos I'm doing tend to cover what I'm doing myself to improve IT.

  • @Glatze603, 3 months ago

    For more usability for users that watch youtube videos on their smartphones, could you please consider 3 things: enlarge the terminal, press enter 2 or 3 times in order not to start at the top, and after you paste text press arrow right in order to demarcate the text so it is better readable? That would be fantastic 🙂

  • @TechTutorialsDavidMcKone, 3 months ago

    Good suggestions. I did enlarge the font some time back based on comments, and my video editor seems to blur things when I get it to zoom, but I'll revisit that option as well. In the mean time, there is a blog which has all the commands in it: www.techtutorials.tv/sections/it-security/automated-tls-certificates-step-ca/ Just need to figure out how to get markup language to give me a copy button.

  • @Glatze603, 3 months ago

    Very interesting! Thanks for this video.

  • @TechTutorialsDavidMcKone, 3 months ago

    Yes, it's very useful. You can run it as a normal application, but I'm liking the container option. Retail switches for instance that don't support SSH will still need manual work. But I noticed Certbot supports a lot of systems, so that could be used to automate other devices.

  • @AdrianuX1985, 3 months ago

    +1

  • @ltonchis1245, 3 months ago

    Nice coverage, but too much of a hassle for using CLI.

  • @TechTutorialsDavidMcKone, 3 months ago

    Docker has a desktop option: www.docker.com/products/docker-desktop/ And so does Podman: podman-desktop.io/ Portainer is an interesting alternative, mind: www.portainer.io/ But for now at least it's only supporting Docker. The bootstrapping stuff I was doing was more for basic testing and updating the certificate store. It's not necessary for web browsers. Not much CLI work to do for Proxmox VE, but hopefully they'll add that into the GUI at some point.
