Checking with the group here on self signed certs ...
# security
Checking with the group here on self signed certs vs wildcard certs for public facing sub-domains. What is the preference and what is industry standard in terms of security?
self-signed certs are a user experience issue. wildcard certs are fine as long as you can keep track of everywhere they are used, and make sure all those endpoints are secure. there isn't anything more inherently insecure in a wildcard cert over multiple single domain certs.
there's the theoretical security concern over someone getting the key and setting it up on a new domain, but they'd also have to have access to your DNS to create that domain, or be able to do dns injection with their targets. i'm not sure how many actual real-world scenarios that's actually happened. probably more than zero, but nothing in security is zero, so 🤷
If i came across a public facing domain and it was self signed to me that would scream phishing or man in the middle attack, in the age of lets encrypt I dont think there is a need, even on internal sites you can use something like
I think the industry standard is to just generate a bunch of new certificates using automation (new at least on each deploy, if not more frequently than that) and not use wildcards or self-signed, but if you need to pick between the two then @Ryan Alder nailed it There is a push to reduce the max lifetime that a browser will honor for certs to 90 days, although I'm not sure how likely it will be