Certificates gone bad | The Backend Engineering Show
The Backend Engineering Show with Hussein Nasser
00:00
Is Your Private Key Leaked?
If the private key is leaked and the attacker got aces the private key, they can effectively keep the certificate. So we need to put an expiry date. It used to be three years,. We shorten to at least year. Lat'sincrept. Pud, i believe, two, three, three months. I believe by default, shorter the better. Wery, fewr one year or three years. Certificate didn't expire, but your private key got leaked before it expired. All of a sudden the client cannot refuse this certificate. You need to revoke these certificates. But most servers don't know that theyr their private acry lead. And so how does the client
Transcript
Play full episode
