[tech] UCC wildcard certificate
Matt Johnston
matt at ucc.asn.au
Thu Nov 5 22:59:56 AWST 2015
>> On Wed 4/11/2015, at 10:09 am, David Adam <zanchey at ucc.gu.uwa.edu.au> wrote:
>>
>> Alternatively, we could just turn HTTPS off for subdomains. We've got a
>> cert for secure.ucc.asn.au that's good until 2018. I didn't put HSTS on my
>> domain ;-)
I've set up letsencrypt certificates for https www.ucc.asn.au, ucc.asn.au and matt.ucc.asn.au (those were the ones I submitted with their beta). https secure.ucc has gone back to using the comodo certificate expiring in 2018. You put multiple "sslcertificatefile"/key lines for different virtualhosts in Apache's config it seems to magically figure it which cert to use. Other user webspace certificates expires on 11 November. Once letsencrypt is generally available I'll get certs for all subdomains again - looking at the web logs there's seems to be only accidental traffic to other domains (apart from zanchey.ucc).
I've switched postfix and dovecot (SMTP and IMAP) back to the 2018 secure.ucc certificate. I guess wifi or something else might also need attention?
Cheers,
Matt
More information about the tech
mailing list