Certificates, Keys, and Trust: The World of PKI and mTLS.

In this episode of the Access Control Podcast, Ben Arent sits down with Ben Burkert and Chris Stolt, the founders of Anchor Security, to discuss the challenges of managing internal TLS and how private CAs can help simplify the process. Ben and Chris share their experiences dealing with certificate-related outages and the frustrations that led them to start Anchor. They provide an in-depth look at the evolution of web cryptography, from the early days of SSL to the modern era of TLS and the impact of Let's Encrypt and the ACME protocol. The conversation also covers the benefits of using private CAs for internal PKI, including shorter certificate lifetimes, enhanced security, and improved developer experience. Ben and Chris introduce Anchor's new tool, lcl.host, which streamlines local TLS setup for developers. Throughout the episode, Ben and Chris offer practical advice for teams looking to implement internal PKI and MTLS, including best practices for certificate hierarchy design, tips for getting started, and the importance of testing your incident response and key rotation processes. Whether you're a developer, ops engineer, or security professional, this episode provides valuable insights into the world of internal TLS and how private CAs can help you secure your infrastructure more effectively. Tune in to learn from Anchor's experts and discover how to simplify your internal PKI management.