@iliana Working on Sundays is time theft.
(And you are the victim.)

@kellerfuchs ah, but this is for my personal shenanigans which happen to be on AWS :)

@iliana Then clearly you should write up a report at work tomorrow. :3

@iliana i love that you _work at AWS_ but _still_ hate so much of it

it's pretty hilarious tbh

@er1n I hate it because I know *why* things are bad

and the why is almost always "amazon culture is a trashfire"

oh shit ACM supports wildcard certs

@iliana yeah, and alternate cert names. it seems really handy, until you try to use ACM certs with something that doesn't support it, and discover it's not really possible to get the certs out of ACM for general usage.

but for inside of AWS with their services, it's pretty ok.

@nergdron yeah I wish they made that more obvious. (to me I already know what ACM's target use is)

given that certificates are practically free now, it's nice that companies are starting to go toward "we keep the keys secure, if you need to move off this product it's somewhat trivial to get a new cert"

@iliana yeah. it's such an important infrastructure piece, and I love that certbot has commodified it so that the big companies can't afford to not do the same.

hmm

do you think somebody in AWS support or ACM will notice the SAN I have on my current certificate, "jeffsballs.glass"

@iliana that got an actual out-loud guffaw from me

i can’t imagine aws front line support is phased by anything anymore, though?

@r4v5 I mean

you never know

I think what's most likely going to happen here is I'm going to rig up something utterly ridiculous to automatically upload let's encrypt certs to ACM and use them on cloudfront