If you ever need to validate certificates or certificate chains before deploying them, Golang provides a near foolproof test method. A 3rd party developed a tool that was then handed off to our DevOps team to manage and maintain. Before I could do any re-engineering work, I had to resolve a critical issue—the certificates on the ELBs were about to expire and needed updating. I assumed that if the ELB, NGINX, or httpd started, it was a good sign. This was a false assumption on my part and I ended up serving a bad chain for a few minutes. This did not break the site, but it was definitely not the way I wanted things to remain. I needed a tool that would fail if the certificate chain provided was incorrect. I wanted a lightweight tool that could be publicly accessible. Conducting a third-party analysis of the certificates and configuration was a requirement. There were no tools that I could find meeting this need, so I decided to build my own. I turned to the open source language, Golang. A detailed breakdown of how I built a tiny web server to fit my needs along with what each package is doing as detailed in the article linked above.
Blog Post: DevOpsDays NYC 2018 Ignite Talk on Golang
Source: DevOpsDays NYC 2018 d2 07 IG Chris Short
Download as MP4 (right click, Save As…)
If you'd like to have me speak at your conference, Meetup, podcast, webinar, live stream, etc. please send me a message. Thank you!
Here's a current list of ready to go CFPs and/or abstracts that I can speak to at a moments notice.