Expose your subdomains as in having all of them bundled into one certificate?
AFAIK, you absolutely can request different certs for each subdomain (in fact, that’s what I’ve been doing for a while).
Expose your subdomains as in having all of them bundled into one certificate?
AFAIK, you absolutely can request different certs for each subdomain (in fact, that’s what I’ve been doing for a while).
foggy@lemmy.world 7 months ago
No, as in they are public record.
If you use a wildcard let’s encrypt SSL to encrypt www.mydomain.com and VPS.mydomain.com and secret.mydomain.com and allmyporn.mydomain.com, and Plex.mydomain.com, and gitlab.mydomain.com
Then it is public record that mydomain.com has associated with it the CNAMES “www” “VPS” “secret” “allmyporn” “Plex” and “gitlab”.
It can be looked up by anyone here. Just type in “%.yourdomain”
That is to say if you use a wildcard letsencrypt SSL on all your subdomains for you self hosting project, you’re more exposed than want to be.