Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)Lets Encrypt now support wildcard certificates


162 posts

Master Geek
+1 received by user: 65

Subscriber

Topic # 231818 14-Mar-2018 17:39
3 people support this post
Send private message quote this post

per title Lets Encrypt are now offering wildcard certificate support 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976725 14-Mar-2018 20:13
Send private message quote this post

Whoop have been waiting for this.

Is it fully rolled out now? I thought just the client.




Previously known as psycik

NextPVR/OpenHAB: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

'That VDSL Cat'
7539 posts

Uber Geek
+1 received by user: 1519

Trusted
Spark
Subscriber

  Reply # 1976726 14-Mar-2018 20:14
Send private message quote this post

Hm. this will be interesting..

 

 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
BDFL - Memuneh
60047 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1976735 14-Mar-2018 20:33
Send private message quote this post

AlwaysOnSSL is a good option - and certificates last one year, not three months,




Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | Backblaze cloud backup (personal and business)My technology disclosure  

 

You can support content creators (and Geekzone) by using the Brave browser.

57 posts

Master Geek
+1 received by user: 3


  Reply # 1976741 14-Mar-2018 20:46
Send private message quote this post

freitasm:

 

AlwaysOnSSL is a good option - and certificates last one year, not three months,

 

 

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

 

On Topic: Awesome! I've been waiting for LE wildcard support

3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976742 14-Mar-2018 20:48
Send private message quote this post

OT-ish does the always on do wildcard?




Previously known as psycik

NextPVR/OpenHAB: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

523 posts

Ultimate Geek
+1 received by user: 97


  Reply # 1976746 14-Mar-2018 20:53
Send private message quote this post

TheoM:

freitasm:


AlwaysOnSSL is a good option - and certificates last one year, not three months,



OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.


On Topic: Awesome! I've been waiting for LE wildcard support



I thought the point of LE is that the client automatically renews the certificate every 1-90 days, set and forget for basic installs :)


Clint

BDFL - Memuneh
60047 posts

Uber Geek
+1 received by user: 11134

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1976747 14-Mar-2018 20:55
Send private message quote this post

davidcole: OT-ish does the always on do wildcard?

 

No, it doesn't. 




Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | Backblaze cloud backup (personal and business)My technology disclosure  

 

You can support content creators (and Geekzone) by using the Brave browser.

13748 posts

Uber Geek
+1 received by user: 2391

Trusted
Subscriber

  Reply # 1976753 14-Mar-2018 21:07
Send private message quote this post

Wildcard certs are a nice feature to have.

 

I use Acme to issue and reissue Let's Encrypt certificates on my AWS Linux server. Works great. The LE client certbot didn't work well on AL when I tried it.

 

NB: don't use Amazon Linux 1 / 2, use Ubuntu or something else more widely used.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer

296 posts

Ultimate Geek
+1 received by user: 56


  Reply # 1976765 14-Mar-2018 21:25
Send private message quote this post

Good news! Auto-renewal of a 3 month certificate isn't a big issue when done by dedicated cron job (i.e. bi-weekly or monthly).




Nope, English isn't my mother tongue. But that's why I'm here. smile

3347 posts

Uber Geek
+1 received by user: 1118

Subscriber

  Reply # 1976772 14-Mar-2018 21:41
Send private message quote this post

I feel like the first tutorial I found on doing nginx with let's encrypt covered off installing certbot and setting the cron job for updates.

This is great news, was about to buy my own wildcard cert for home domain but won't bother now!

3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976798 14-Mar-2018 22:01
Send private message quote this post

The automation only works if one of the supported methods works.

So in my case I can do it with one cert as I’ve got it opened for https.

But another I get I have to manually do via dns as it’s not exposed to the internet. But I have scripted a conversion and loading to the site that uses it (the unifi controller)




Previously known as psycik

NextPVR/OpenHAB: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

IcI

665 posts

Ultimate Geek
+1 received by user: 147

Trusted

  Reply # 1976837 14-Mar-2018 23:33
One person supports this post
Send private message quote this post

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976936 15-Mar-2018 08:50
One person supports this post
Send private message quote this post

IcI:

 

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

 

 

 

 

Yeah I could probably do that.  I'll look at doing a blog post with it, if nothing else it gets it in the cloud in case I lose it.




Previously known as psycik

NextPVR/OpenHAB: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

395 posts

Ultimate Geek
+1 received by user: 86

Subscriber

  Reply # 1990993 7-Apr-2018 12:39
Send private message quote this post

Anyone else having trouble reaching https://alwaysonssl.com/

 

On Spark Fibre here.

523 posts

Ultimate Geek
+1 received by user: 97


  Reply # 1990995 7-Apr-2018 12:40
Send private message quote this post

MackinNZ:

Anyone else having trouble reaching https://alwaysonssl.com/


On Spark Fibre here.



Yep on bigpipe fibre

Clint

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

TCF and Telcos Toughen Up on Scam Callers
Posted 23-Apr-2018 09:39

Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38

Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55

How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08

How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15

iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13

Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11

111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50

Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41

Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29

Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22

Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18

Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47

Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25

New Zealand Adopts International Open Data Charter
Posted 3-Mar-2018 12:48


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.