For crypto code it's important that it's time-invariant, otherwise it is vulnerable to timing attacks. I've had to build this time-invariant equality test from scratch, because I couldn't find something on Google. I hope it's useful to someone else.
I have a fairly creative ssl setup on my webserver:
I run my own ‘certificate authority’ which signs the server certificate; I have a bunch of alternative names specified; The CA certificate sits on an ePass 2003 PKI token. I’m writing down how I sign certificates in this context so I can use this to look up the procedure instead of spending hours in DuckDuckGo. This is more of a tutorial than elegant prose.