I often criticize myself on not blogging more often. The process goes like this: I'm doing something mildly interesting and I say to myself 'This is mildly interesting, maybe someone else will find this mildly interesting.'. But 9 out of 10 times, what ever I'm doing has some code (when I say code I usually mean an Ansible playbook, a shell script or something similar) accompanying. Instead of a lengthy blog post, I publish a git repo. The repo has a
README file, the code is documented, there's a
fabfile, you can clone and fork the repo. It's almost always better than a blog post.
However now I have many repositories and just a few blog posts. What I'm going to do from now on is I'll publish the git repo, but add a short post announcing the repo.
I'm announcing ssl-ca, a tool to generate a certificate authority, keys and signed certificates. The main use case is an internal network (like a development or staging environment, but not just) where you control all nodes. For that goal, it's as close to a real CA as needed and somewhat secure. There's no OCSP or CRL, the certs serial is random, but the default hash, bit length and algorithms are modern and secure. You can get it at: https://git.shore.co.il/nimrod/ssl-ca/.