set_trace # timfreund's blog on dev, ops, and other work stuff

SSL Cert Support

Just heard about someone complaining that an SSL certificate was incompatible with their application server. It turns out that their application server is really, really old, but somehow this wasn’t the problem. The guys who procured the fancy new cert for the third party service were obviously at fault.

The real problem is that people will pay $20K+ per CPU for an application server because it comes with support, and then they realize when it is too late that their support dollars don’t really buy them much in the way of assistance when things don’t work out right, so then the suckers with the support contract need to pawn off all of their problems on to third parties that are just trying to efficiently run a service.

It doesn’t help that the $20K+ per CPU application server is such a monster to install and maintain that no one really wants to upgrade until they absolutely must. The folks in question were running said application server under Java 1.4, and that was EOL’ed in 2008, so I can only imagine how old the application server is. I can’t understand how such a situation is at all preferable to running something open source and up to date. The money spent on licensing can be better spent on people who can actually solve real problems as they come up.