26 Nov
2017
26 Nov
'17
4:10 p.m.
Hey Jeremy,
thanks for getting back!
On 2017-11-21 12:44:41 (+0100), Jeremy Jongepier wrote:
CPU is not a problem. Unless anybody has any
objections I'll enable SSL
for linuxaudio.org subdomains as soon as Let's Encrypt starts offering
wildcard certificates, that way we can secure more services too and it
makes maintenance a bit easier. That will be January 2018 but if LE
can't deliver in due time I'll request separate certificates. There are
some non-linuxaudio.org domains on the server too, I'll look at those too.
That
is good news and I'm looking forward to it!
Note, that letsencrypt certificates can easily be setup using SAN
(Subject Alternative Name), which gets around the need for a wildcard
certificate (unless you literally have hundreds of subdomains).
So that really shouldn't be a reason to wait.
Certbot indeed makes it easy to do these things, but you can of course
choose other ways to do the ACME response.
Thanks and greetings,
David
--
https://sleepmap.de