The mantra “don’t roll your own crypto” is widely known and accepted amongst programmers, but what does it actually mean? It turns out that such a simple statement is not so simple to follow. What many people take away from “don’t roll your own crypto” is that they shouldn’t create their own crypto algorithms. This […]
I had to configure TLS for an application last week and the biggest challenge was actually finding out whether TLS is enabled.
Because well, ideally you’re not going to see much of it.
At one point, I hadn’t passed the configuration all the way, but assumed I had TLS now, because of some misleading logging further up in the stack, because yeah, I couldn’t see anything else happening.