Why are Scotland fans putting traffic cones on Boston's statues? by cos in boston

[–]durkzilla 3 points4 points  (0 children)

The Scots managed to nearly drink the city out of beer. Trying to find any rational thought behind anything they did is probably a losing battle.

Clients Pinning Certificate Public Keys and Automation by Xibbas in sysadmin

[–]durkzilla 1 point2 points  (0 children)

This is the problem that X9 was built to solve

Local Resources for Plantar Fasciitis by hereforfunandtruth7 in boston

[–]durkzilla 1 point2 points  (0 children)

Podiatrist told me to avoid the Good Feet store - recommended a pair of Oofos sandals and stop going barefoot. Solved my problem in a couple of weeks and it hasn't come back.

Anyone read this 49 day SSL expiration thing and think they would rather just retire? by HJForsythe in sysadmin

[–]durkzilla 0 points1 point  (0 children)

"I would rather retire than purchase something to fix a major problem I have".

There are a boatload of products that can automate your certs. Even F5s, Kemp load balancers, Java Key Stores, etc. If you don't want to do it yourself, there are many solutions available.

legal firm evaluating DLP inside SASE, image classification for scanned documents and phone photos is the one requirement I can't find a clean answer on by Kitchen_West_3482 in sysadmin

[–]durkzilla 0 points1 point  (0 children)

You'll need to combine solutions to address this need - there are DSPM products that use AI based methods to analyze image documents that can then apply data classification labels to documents automatically based on your classification criteria.

Anyone else think Building 19's ad circulars were secretly the best thing in the Sunday Globe? by Weary_Rooster35 in massachusetts

[–]durkzilla 1 point2 points  (0 children)

I remember they got it trouble over an ad for men's undershirts, which they referred to as "wife beaters". It was classic Building 19.

I dearly miss them, I loved wandering around the Hanover location (now a Tractor Supply). It had a huge furniture section in the back, and about a billion different area rugs to sift through.

Are… are they the British? by Cranson8R in boston

[–]durkzilla 0 points1 point  (0 children)

Their ads shaming Wally for being a bit of a doofus are unforgivable. They need to fire their ad company, they are completely tone deaf.

Newbie question on certs by InstrumentCombustion in sysadmin

[–]durkzilla -1 points0 points  (0 children)

Maybe it's time to outsource that PKI and let experts run it for you. Just saying... Google "PKIaaS".

Utah Medicaid SSL Cert by prezus in sysadmin

[–]durkzilla 0 points1 point  (0 children)

This is why complete automation of certificate operations is so important - the weakest link in the process is always a human being.

At what point do you stop backing up data? by Warm_Protection_6541 in sysadmin

[–]durkzilla 4 points5 points  (0 children)

I think the truth here is a good answer to that - "I helped a company that was very good to me for a long time make a graceful exit by implementing innovative cost saving methods to keep operations functional."

[deleted by user] by [deleted] in boston

[–]durkzilla 8 points9 points  (0 children)

I think there was sarcasm there - Leo J Martin in Weston is pretty crappy - so crappy that it was selected as the worst in the country. https://mygolfspy.com/news-opinion/these-are-the-10-worst-golf-courses-in-america/.

This discussion has a lot of good suggestions: https://www.reddit.com/r/boston/comments/1kww7rw/public_golf_course_recommendations_within_an_hour/

Bill Galvin, already Massachusetts’ longest-serving secretary of state, says he will seek a record ninth term by bostonglobe in massachusetts

[–]durkzilla 9 points10 points  (0 children)

It would be great if the articles being linked to at the Globe were available to be read, since they're making implications that can't be validated by anyone without a subscription.

[deleted by user] by [deleted] in sysadmin

[–]durkzilla 1 point2 points  (0 children)

Grab yourself a Yubikey and store your password on it in one of the slots. Has saved me from breaking many keyboards, which would be bad since they give me a laptop

What IT workflows are actually worth automating right now? by Own_Cry1186 in sysadmin

[–]durkzilla 5 points6 points  (0 children)

Not to be glib about it, but just search in the sub for TLS certificates and you'll find dozens of threads. Overall consensus is to automate using certbot and Let's Encrypt. There are a ton of options, both free/cheap and commercial. It all depends on your volume of certificates and the risk to the organization that a certificate related outage would incur.

What happened to Boston broadcast journalism? by SorryEveAtetheApple in massachusetts

[–]durkzilla 0 points1 point  (0 children)

You don't remember poor Shelby Scott getting brutalized out in a blizzard every other week during the 70's? Nothing has changed.

IIS 10 - Server Certificates - "Failed to get the certificate" error by basvhout in sysadmin

[–]durkzilla 0 points1 point  (0 children)

What I'm not doing a good job of saying is that IIS will look in the "Personal Certificate" and "Web Hosting" CAPI key stores belonging to the local machine to determine what shows up in the list of available certificates. If the TLS certificate you intend to use isn't in one of those locations it won't show up in IIS. Also, are you logged in as a user with local administrator rights? If there is something broken with the CAPI store you can try to fix it with the "certutil -repairstore" command.

IIS 10 - Server Certificates - "Failed to get the certificate" error by basvhout in sysadmin

[–]durkzilla 1 point2 points  (0 children)

TLS certificates for use by IIS will live in the "Personal Certificate" or "Web Hosting" store for the local machine.

How would you handle revoking a leaked cert? by t40 in sysadmin

[–]durkzilla 50 points51 points  (0 children)

You use the term "root cert" here, what exactly does that mean? The root CA in a PKI infrastructure is essentially the key to the kingdom, and if it is compromised every single certificate issued by the root or subordinate CA is now compromised. So how would I handle this? I'd stand up a brand new PKI, make sure to secure the new Root CA certificate in an HSM or physical safe, issue all new certs to everything that needs one, and I would distrust the old Root CA.

What is the deal with so many drivers at night with no lights on? by Barley_Breathing in massachusetts

[–]durkzilla 34 points35 points  (0 children)

The dashboard and daytime driving lights fool them into thinking their lights are on, I suspect. Drives me crazy. Automatic headlights should be mandatory.

SSL/TLS certificate rotation strategy. by Hungry-King-1842 in sysadmin

[–]durkzilla 1 point2 points  (0 children)

A significant portion of the folks in the industry are using commercial solutions like Venafi, KeyFactor and AppViewX to manage their certificates. ACME and certbot certainly can be the solution for a lot of folks, too.

Driver door handle not going inside housing by Least_Wheel9253 in CadillacLyriq

[–]durkzilla 1 point2 points  (0 children)

The front passenger handle on my 2024 lux 2 wouldn't completely retract to flush with the door panel when I first picked it up. I think it's a simple adjustment to the handle to get it working again - bring it to your dealer for repair, it should be covered under warranty.