Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)Lets Encrypt now support wildcard certificates


186 posts

Master Geek
+1 received by user: 72

Subscriber

Topic # 231818 14-Mar-2018 17:39
3 people support this post
Send private message

per title Lets Encrypt are now offering wildcard certificate support 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
4132 posts

Uber Geek
+1 received by user: 554

Trusted

  Reply # 1976725 14-Mar-2018 20:13
Send private message

Whoop have been waiting for this.

Is it fully rolled out now? I thought just the client.




Previously known as psycik

NextPVR: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,
OpenHAB: ODroid C2 eMMC DriveOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

'That VDSL Cat'
9078 posts

Uber Geek
+1 received by user: 1993

Trusted
Spark
Subscriber

  Reply # 1976726 14-Mar-2018 20:14
Send private message

Hm. this will be interesting..

 

 




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 
 
 
 


BDFL - Memuneh
61812 posts

Uber Geek
+1 received by user: 12464

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1976735 14-Mar-2018 20:33
Send private message

AlwaysOnSSL is a good option - and certificates last one year, not three months,




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund

99 posts

Master Geek
+1 received by user: 17

Trusted

  Reply # 1976741 14-Mar-2018 20:46
Send private message

freitasm:

 

AlwaysOnSSL is a good option - and certificates last one year, not three months,

 

 

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

 

On Topic: Awesome! I've been waiting for LE wildcard support




Hi! I'm TheoM, but you know that already. I run Linux mirrors in NZ together with 2degrees. Like a mirror added? PM me!

 

 

https://theom.co.nz | https://theom.nz | https://mirrorlist.mirrors.theom.nz | Providing Free Mirrors Since Ages Ago™

4132 posts

Uber Geek
+1 received by user: 554

Trusted

  Reply # 1976742 14-Mar-2018 20:48
Send private message

OT-ish does the always on do wildcard?




Previously known as psycik

NextPVR: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,
OpenHAB: ODroid C2 eMMC DriveOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

547 posts

Ultimate Geek
+1 received by user: 106


  Reply # 1976746 14-Mar-2018 20:53
Send private message

TheoM:

freitasm:


AlwaysOnSSL is a good option - and certificates last one year, not three months,



OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.


On Topic: Awesome! I've been waiting for LE wildcard support



I thought the point of LE is that the client automatically renews the certificate every 1-90 days, set and forget for basic installs :)


Clint

BDFL - Memuneh
61812 posts

Uber Geek
+1 received by user: 12464

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1976747 14-Mar-2018 20:55
Send private message

davidcole: OT-ish does the always on do wildcard?

 

No, it doesn't. 




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund

14289 posts

Uber Geek
+1 received by user: 2590

Trusted
Subscriber

  Reply # 1976753 14-Mar-2018 21:07
Send private message

Wildcard certs are a nice feature to have.

 

I use Acme to issue and reissue Let's Encrypt certificates on my AWS Linux server. Works great. The LE client certbot didn't work well on AL when I tried it.

 

NB: don't use Amazon Linux 1 / 2, use Ubuntu or something else more widely used.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer

577 posts

Ultimate Geek
+1 received by user: 109


  Reply # 1976765 14-Mar-2018 21:25
Send private message

Good news! Auto-renewal of a 3 month certificate isn't a big issue when done by dedicated cron job (i.e. bi-weekly or monthly).




No backup, no pity. Anyway, RAID isn't one.

3685 posts

Uber Geek
+1 received by user: 1392

Subscriber

  Reply # 1976772 14-Mar-2018 21:41
Send private message

I feel like the first tutorial I found on doing nginx with let's encrypt covered off installing certbot and setting the cron job for updates.

This is great news, was about to buy my own wildcard cert for home domain but won't bother now!

4132 posts

Uber Geek
+1 received by user: 554

Trusted

  Reply # 1976798 14-Mar-2018 22:01
Send private message

The automation only works if one of the supported methods works.

So in my case I can do it with one cert as I’ve got it opened for https.

But another I get I have to manually do via dns as it’s not exposed to the internet. But I have scripted a conversion and loading to the site that uses it (the unifi controller)




Previously known as psycik

NextPVR: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,
OpenHAB: ODroid C2 eMMC DriveOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

IcI

821 posts

Ultimate Geek
+1 received by user: 173

Trusted

  Reply # 1976837 14-Mar-2018 23:33
One person supports this post
Send private message

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

4132 posts

Uber Geek
+1 received by user: 554

Trusted

  Reply # 1976936 15-Mar-2018 08:50
One person supports this post
Send private message

IcI:

 

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

 

 

 

 

Yeah I could probably do that.  I'll look at doing a blog post with it, if nothing else it gets it in the cloud in case I lose it.




Previously known as psycik

NextPVR: Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,
OpenHAB: ODroid C2 eMMC DriveOpenHAB with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave and Bluetooth LE Sensors
Media:Chromecast v2, ATV4, Roku3, HDHomeRun Dual
Windows 2012 Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex

406 posts

Ultimate Geek
+1 received by user: 91

Subscriber

  Reply # 1990993 7-Apr-2018 12:39
Send private message

Anyone else having trouble reaching https://alwaysonssl.com/

 

On Spark Fibre here.

547 posts

Ultimate Geek
+1 received by user: 106


  Reply # 1990995 7-Apr-2018 12:40
Send private message

MackinNZ:

Anyone else having trouble reaching https://alwaysonssl.com/


On Spark Fibre here.



Yep on bigpipe fibre

Clint

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.