
We have all our services deployed on an internal network in AWS. We took care to use private hosted zones and gate access behind a VPN with SAML auth.

Turns out we're leaking our service usage by using ACM for our certificates.



Doing something similar on AWS right now. What do you mean by leaking service usage? What is ACM exposing? I assume the “fix” for this would be to host your own CA through ACM?


If I register a TLS cert for gitlab.donalmacc.ie, it's publicly logged.

From this thread it seems the fix is to register a wildcard *.donalmacc.ie and use that cert.
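
Added example, not part of the thread: a small audit that takes Certificate Transparency search results for a domain you own and lists which logged names reveal a service label, together with the wildcard name that would have covered each. The record shape, the `example.com` names and the function names are assumptions made for this sketch.

```python
import json

# Constructed sample of Certificate Transparency search results for one
# domain. The record shape ("names" = newline-separated SAN entries) is an
# assumption for this example, not a specific service's API.
SAMPLE_CT_RESULTS = json.dumps([
    {"id": 1, "names": "gitlab.example.com"},
    {"id": 2, "names": "*.example.com\nexample.com"},
    {"id": 3, "names": "Grafana.Dev.example.com.\ngitlab.example.com"},
    {"id": 4, "names": "www.unrelated.test"},
])


def normalize(name):
    """Lower-case a DNS name and drop any trailing root dot."""
    return name.strip().lower().rstrip(".")


def audit_ct_exposure(ct_json, domain):
    """Split logged names under `domain` into wildcard and specific entries.

    For each specific name, also report the wildcard certificate name that
    would cover it. A wildcard matches exactly one label, so a name two
    levels deep needs a wildcard that still reveals its parent label.
    """
    domain = normalize(domain)
    wildcards, specific = set(), set()
    for record in json.loads(ct_json):
        for raw in record.get("names", "").splitlines():
            name = normalize(raw)
            if name != domain and not name.endswith("." + domain):
                continue  # certificate name outside the audited domain
            if name.startswith("*."):
                wildcards.add(name)
            elif name != domain:
                specific.add(name)
    leaks = {}
    for name in sorted(specific):
        parent = name.split(".", 1)[1]
        leaks[name] = "*." + parent  # wildcard that would hide the first label
    return {"wildcards": sorted(wildcards), "leaks": leaks}


if __name__ == "__main__":
    report = audit_ct_exposure(SAMPLE_CT_RESULTS, "example.com")
    for name, cover in report["leaks"].items():
        print(f"{name} is logged; {cover} would hide its first label")
```

Names already in the logs stay there after a switch to a wildcard certificate, so the report describes what has been disclosed so far, not what can be withdrawn.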



