🇨🇦Samuel Proulx🇨🇦
@fastfinge@interfree.ca
@pvagner @zash @0x0 The issue is I have apps that require certificates in different formats. And I'd rather not store unencrypted privkeys on disc somewhere to convert from one format to another. And set up chron jobs to get the conversion done every time a certificate renews. And I issue a wildcard cert for most things. But XMPP servers don't seem to support wildcard certs. Sharing certs between apps is a giant mess; it's fine for HTTPS, because you just reverse proxy everything. But IRC and SMTP and IMAP and XMPP all have different requirements. What we need is a certificate manager that all apps use, that manages what apps have permission to use what certificates, tracks what's using what, handles renewals, and keeps the three different formats for storing certificates in sync. And then we need all apps to use it.