• Wildcard (?) certs for domain

    From Khelair@VERT/TINFOIL to All on Fri Feb 19 15:11:30 2016
    I'm working on setting up a diaspora pod here, but unfortunately I've hit a little bit of a snag. It appears that I need some wildcard certs, and self-signed ones will not do the trick for this project. I'm not able to use my synchro.net domain, obviously, as it would be registering the entire synchro.net domain and not just tinfoil.synchro.net. We do have another few domains that we can probably utilize, but none of them allow receiving email at whatever@domain.name. The only place that I've found that will do free SSL/TLS certs requires the ability to receive email at whatever@domain.name, so that seems to be the hangup at this point. Does anybody know of a place that'll do free certs that doesn't require email at this top level? I'd really like to get this project going, as I've got some other opportunities that kind of hinge on it.
    Thanks for any pointers y'all might be able to offer.

    -D/K

    ---
    Borg Burgers: We do it our way; your way is irrelevant.
    ■ Synchronet ■ Tinfoil Tetrahedron BBS telnet://tinfoil.synchro.net
  • From Ree@VERT/FTELNET to Khelair on Sat Feb 20 22:55:55 2016
    I'm working on setting up a diaspora pod here, but unfortunately I've hit a little bit of a snag. It appears that I need some wildcard certs, and self-signed ones will not do the trick for this project. I'm not able to use my synchro.net domain, obviously, as it would be registering the entire synchro.net domain and not just tinfoil.synchro.net. We do have another few domains that we can probably utilize, but none of them allow receiving email at whatever@domain.name. The only place that I've found that will do free SSL/TLS certs requires the ability to receive email at whatever@domain.name, so that seems to be the hangup at this point. Does anybody know of a place that'll do free certs that doesn't require email at this top level? I'd really like to get this project going, as I've got some other opportunities that kind of hinge on it.
    Thanks for any pointers y'all might be able to offer.

    If you really need wildcard, I don't know of any free ones. Multi-domain SAN certificates can be done via WoSign (https://buy.wosign.com/free/?lan=en with only 5 domains for free) or Let's Encrypt (https://letsencrypt.org/) though.

    Let's Encrypt will validate via a file served by the HTTP server, and it's been awhile since I used them but I believe WoSign will do the same.

    ---
    ■ Synchronet ■ fTelnet Support BBS
  • From Khelair@VERT/TINFOIL to Ree on Tue Feb 23 18:16:34 2016
    Re: Re: Wildcard (?) certs for domain
    By: Ree to Khelair on Sat Feb 20 2016 22:55:55

    If you really need wildcard, I don't know of any free ones. Multi-domain SAN certificates can be done via WoSign (https://buy.wosign.com/free/?lan=en with only 5 domains for free) or Let's Encrypt (https://letsencrypt.org/) though.

    I think I may have been using inappropriate terminology when I said 'wildcard', actually. My bad.

    Let's Encrypt will validate via a file served by the HTTP server, and it's been awhile since I used them but I believe WoSign will do the same.

    That's what I'm trying to go with for now. I should be figuring out tonight whether it meets what I need or not. Looks like it will, I just need to figure out some configuration options prior to using the apache plugin for what I'm doing.

    -D/K

    ---
    Borg Burgers: We do it our way; your way is irrelevant.
    ■ Synchronet ■ Tinfoil Tetrahedron BBS telnet://tinfoil.synchro.net