Marco Patzer lists at homerow.info
Thu Sep 15 12:41:07 CEST 2022

On Wed, 14 Sep 2022 19:19:05 +0200
Pablo Rodriguez via ntg-context <ntg-context at ntg.nl> wrote:

> https://lmtx.pragma-ade.nl, https://pragma-ade.nl and
> https://pragma-ade.com seem to use a certificate that is only valid
> for https://lmtx.pragma-ade.com (according to Firefox).

Correct. This is a misconfigured webserver, so the error is valid.

> Each domain (and subdomain) requires its own certificate.

That's not quite correct AFAIK. Let's Encrypt supports wildcard
certificates, so

  lmtx.pragma-ade.nl and

could be covered by the same certificate. And each certificate can
also cover multiple domains (SAN). So one certificate should be
enough for all abovementioned (sub)domains.

> (And non-automatic certificate renewal is a real pain [I have to
> add].)

I totally agree on that one.

Certbot definitely supports wildcard certificates and AFAIK you can
just specify multiple domains with the “-d” option.
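
An added example, not part of the original message: a check of which of the hostnames named in this thread a given set of certificate SAN entries covers, using RFC 6125-style wildcard matching. The SAN lists are constructed for illustration (the first mirrors what the thread reports Firefox showing), and the function names are hypothetical.

```python
# Added example: match hostnames against certificate dNSName SAN entries.
# SAN lists below are constructed for illustration, not read from the servers.

def san_matches(hostname: str, pattern: str) -> bool:
    """Return True if one SAN entry covers hostname.

    A wildcard is honoured only as the complete leftmost label and stands
    for exactly one label: *.example.org covers a.example.org, but neither
    example.org (the apex) nor a.b.example.org.
    """
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        # Conservative simplification: require two fixed labels after "*",
        # so something like "*.com" never matches.
        return len(pat) >= 3 and host[0] != "" and host[1:] == pat[1:]
    return host == pat


def uncovered(hostnames, sans):
    """Hostnames that no SAN entry covers; a browser would warn on these."""
    return [h for h in hostnames
            if not any(san_matches(h, s) for s in sans)]


# Hostnames mentioned in the thread.
HOSTS = ["lmtx.pragma-ade.nl", "pragma-ade.nl",
         "pragma-ade.com", "lmtx.pragma-ade.com"]

# Constructed SAN lists.
SINGLE_NAME = ["lmtx.pragma-ade.com"]                  # as reported in the thread
WILDCARDS_ONLY = ["*.pragma-ade.com", "*.pragma-ade.nl"]
APEX_PLUS_WILDCARDS = ["pragma-ade.com", "*.pragma-ade.com",
                       "pragma-ade.nl", "*.pragma-ade.nl"]

if __name__ == "__main__":
    for label, sans in [("single name", SINGLE_NAME),
                        ("wildcards only", WILDCARDS_ONLY),
                        ("apex + wildcards", APEX_PLUS_WILDCARDS)]:
        missing = uncovered(HOSTS, sans)
        print(f"{label}: {', '.join(missing) if missing else 'all covered'}")
```

Wildcard entries alone leave the bare domains uncovered, so a single certificate for all of these names needs both the apex names and the wildcards in its SAN list.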


