All challenges
beginner~10 min4 rounds

The Cert Expires Tonight. Just Bump It to a 10-Year Cert?

Your nginx TLS cert expires tonight and an expired cert took the site down last quarter. A teammate wants a 10-year self-signed cert. Defend the real fix.

NginxSecurity

the decision you defend

Your nginx TLS cert expires in a few hours and last quarter an expired cert took the site down. A teammate says just buy a 10-year self-signed cert and install it so we never deal with this again. What do you do, and why?

Sign in to startFree for everyone. Takes a few seconds.

the situation

It is late afternoon and monitoring flags that the production nginx TLS certificate expires tonight. Everyone on the team remembers the last time this happened: a cert quietly hit its expiry date, browsers started throwing security warnings, and the site was effectively down until someone scrambled to renew it. Nobody wants a repeat.

context

The site runs behind nginx serving HTTPS to both real users in browsers and other services calling its API. The current certificate was renewed by hand each cycle, tracked by a calendar reminder that got missed last quarter. A teammate in chat proposes a shortcut: generate a 10-year self-signed certificate, install it, and stop dealing with renewals for a decade.

How this challenge works

Take a position on the decision above and defend it. A senior-engineer AI will push back over up to 4 rounds. When you are done, you are scored against a verified rubric so you can see exactly what a complete answer covers - these are learning prompts, not gotchas.