Certbot as an init container for AWS ECS

Encryption in transit has become a security standard for most network-based applications and is requested by the majority of our customers for all applications we help them to build or manage. Most modern applications support TLS out of the box but require the certificate and the corresponding private key to be provided externally. In some cases (for example, for intranet apps), self-signed certificates (or certificates signed by an internal CA) are sufficient, but if the application is internet-facing and needs to be used without additional steps on the client side, a certificate signed by a commonly trusted certificate authority (CA) is required. For AWS-based applications (as you may have guessed from the title, AWS is a main focus of this post), AWS Certificate Manager (ACM) can be used in combination with a load balancer to provide an Amazon-signed certificate. This simple and efficient method is not applicable, however, if the certificate and the corresponding private key need to be provided to the application directly instead of to an AWS-managed load balancer. This can be the case if the application uses TLS in combination with its own protocol, which would make TLS termination on the load balancer impossible. Let’s Encrypt is an open CA that provides trusted certificates, which can be acquired with a tool that supports the ACME protocol. In this case, the certificate and private key can be provided to the application directly and also used for custom TLS-based protocols. Certbot is one such tool and can be used to obtain the TLS credentials.

AWS Sumerian as Quality Training – Digital Learning in the Enterprise

Further training of employees is nowadays one of the key challenges that various industries (education, energy, medicine & health, manufacturing, etc.) are facing. As opposed to the past, when all training took place on paper, today learning can and should take advantage of computer-based, interactive technologies – to put it simply: digital learning.

Introduction to Distributed Tracing

Microservice architectures are often a graph of components distributed across a network. This architecture gives rise to a new problem: how can we trace and bind together all services involved in one operation request? When a client calls an operation, it can be spread across different services over the network, and each service has its own context.

The Power of HTML5 Web Applications

Most DMS platforms like Documentum and SharePoint have out-of-the-box full clients which are meant to provide all (or most) of the platform functionality. Although these full clients can normally be customized or configured, they are complex and slow to adopt new technologies.
If you have a specific use case, why start from a complex system and reduce it to your needs? Why not build a custom client that is streamlined and focused on your use case instead? The business logic can reside on the server. But for the client, we are free to use any state-of-the-art modern web framework.
HTML5 (with CSS and JavaScript) has revolutionized the web client interface with a lot of powerful new functionality. Nowadays there are many good frameworks and tools that allow us to rapidly build robust and reliable systems with a rich user interface that looks like a native app – even with their own storage area on the local device.
