Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




162 posts

Master Geek
+1 received by user: 65

Subscriber

Topic # 231818 14-Mar-2018 17:39
3 people support this post
Send private message quote this post

per title Lets Encrypt are now offering wildcard certificate support 


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976725 14-Mar-2018 20:13
Send private message quote this post

Whoop have been waiting for this.

Is it fully rolled out now? I thought just the client.




Previously known as psycik

NextPVR/OpenHAB: 
Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 
Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex


'That VDSL Cat'
7547 posts

Uber Geek
+1 received by user: 1524

Trusted
Spark
Subscriber

  Reply # 1976726 14-Mar-2018 20:14
Send private message quote this post

Hm. this will be interesting..

 

 





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
BDFL - Memuneh
60054 posts

Uber Geek
+1 received by user: 11140

Administrator
Trusted
Geekzone
Lifetime subscriber

57 posts

Master Geek
+1 received by user: 3


  Reply # 1976741 14-Mar-2018 20:46
Send private message quote this post

freitasm:

 

AlwaysOnSSL is a good option - and certificates last one year, not three months,

 

 

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

 

On Topic: Awesome! I've been waiting for LE wildcard support


3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976742 14-Mar-2018 20:48
Send private message quote this post

OT-ish does the always on do wildcard?




Previously known as psycik

NextPVR/OpenHAB: 
Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 
Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex


523 posts

Ultimate Geek
+1 received by user: 97


  Reply # 1976746 14-Mar-2018 20:53
Send private message quote this post

TheoM:

freitasm:


AlwaysOnSSL is a good option - and certificates last one year, not three months,



OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.


On Topic: Awesome! I've been waiting for LE wildcard support



I thought the point of LE is that the client automatically renews the certificate every 1-90 days, set and forget for basic installs :)


Clint

BDFL - Memuneh
60054 posts

Uber Geek
+1 received by user: 11140

Administrator
Trusted
Geekzone
Lifetime subscriber

13751 posts

Uber Geek
+1 received by user: 2396

Trusted
Subscriber

  Reply # 1976753 14-Mar-2018 21:07
Send private message quote this post

Wildcard certs are a nice feature to have.

 

I use Acme to issue and reissue Let's Encrypt certificates on my AWS Linux server. Works great. The LE client certbot didn't work well on AL when I tried it.

 

NB: don't use Amazon Linux 1 / 2, use Ubuntu or something else more widely used.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


298 posts

Ultimate Geek
+1 received by user: 57


  Reply # 1976765 14-Mar-2018 21:25
Send private message quote this post

Good news! Auto-renewal of a 3 month certificate isn't a big issue when done by dedicated cron job (i.e. bi-weekly or monthly).





Nope, English isn't my mother tongue. But that's why I'm here. smile


3351 posts

Uber Geek
+1 received by user: 1124

Subscriber

  Reply # 1976772 14-Mar-2018 21:41
Send private message quote this post

I feel like the first tutorial I found on doing nginx with let's encrypt covered off installing certbot and setting the cron job for updates.

This is great news, was about to buy my own wildcard cert for home domain but won't bother now!

3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976798 14-Mar-2018 22:01
Send private message quote this post

The automation only works if one of the supported methods works.

So in my case I can do it with one cert as I’ve got it opened for https.

But another I get I have to manually do via dns as it’s not exposed to the internet. But I have scripted a conversion and loading to the site that uses it (the unifi controller)




Previously known as psycik

NextPVR/OpenHAB: 
Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 
Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex


IcI

666 posts

Ultimate Geek
+1 received by user: 147

Trusted

  Reply # 1976837 14-Mar-2018 23:33
One person supports this post
Send private message quote this post

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?


3801 posts

Uber Geek
+1 received by user: 459

Trusted

  Reply # 1976936 15-Mar-2018 08:50
One person supports this post
Send private message quote this post

IcI:

 

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

 

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

 

 

 

 

Yeah I could probably do that.  I'll look at doing a blog post with it, if nothing else it gets it in the cloud in case I lose it.





Previously known as psycik

NextPVR/OpenHAB: 
Gigabyte AMD A8 Brix --> Samsung LA46A650D via HDMI, NextPVR,OpenHAB with Aeotech ZWave Controller
Media:Chromecast v2, ATV4, Roku3, Raspberry PI temperature Sensors and Bluetooth LE Sensors,HDHomeRun Dual
Windows 2012 
Host (Plex Server/Crashplan): 2x2TB, 2x3TB, 1x4TB using DriveBender, Samsung 850 evo 512 GB SSD, Hyper-V Server with 1xW10, 1xW2k8, 2xUbuntu 16.04 LTS, Crashplan, NextPVR channel for Plex,NextPVR Metadata Agent and Scanner for Plex


395 posts

Ultimate Geek
+1 received by user: 86

Subscriber

  Reply # 1990993 7-Apr-2018 12:39
Send private message quote this post

Anyone else having trouble reaching https://alwaysonssl.com/

 

On Spark Fibre here.


523 posts

Ultimate Geek
+1 received by user: 97


  Reply # 1990995 7-Apr-2018 12:40
Send private message quote this post

MackinNZ:

Anyone else having trouble reaching https://alwaysonssl.com/


On Spark Fibre here.



Yep on bigpipe fibre

Clint

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Opera launches new mobile browser: Opera Touch
Posted 25-Apr-2018 20:45


TCF and Telcos Toughen Up on Scam Callers
Posted 23-Apr-2018 09:39


Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.