Tag Archives: wildcard

Let's Encrypt 決定要規劃 Wildcard SSL Certificate 了

Let's Encrypt 把時間表喊出來了,預定在 2018 年年初開放使用:「Wildcard Certificates Coming January 2018」。 Wildcard SSL Certificate 會需要走新的 ACME v2 協定認證: Wildcard certificates will be offered free of charge via our upcoming ACME v2 API endpoint. We will initially only support base domain validation via … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Security, Service | Tagged , , , , , , , , , , , , | Leave a comment

StackOverflow 預設全上 HTTPS 了...

用 HTTPS Everywhere 沒什麼感覺,但對於一般人應該不簡單,所以 Nick Craver (根本就是他們家非正式的 PR Engineer XDD 他這幾年寫了不少內部的資訊...) 寫了一篇關於上 HTTPS 的故事:「HTTPS on Stack Overflow: The End of a Long Road」。 其中他們為了支援舊設備 (沒有支援 SNI 的),決定直接把所有 wildcard 類的 SSL certificate 都包進去 (另外找 DigiCert 處理): 然後中間提到這個真的頗無奈的,抱怨 SVG 的 XML... XDDD: … Continue reading

Posted in Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , , , , , , , , | Leave a comment

奇怪的 Wildcard SSL 取得方式...

在「VMBox.co – 2GB OVZ w/ 2 Free Wildcare SSL @ $5/m」這邊看到的,租 VPS 送兩個 wildcard SSL certificate: Up to 2 free wildcard SSL available per VPS order in Phoenix or Amsterdam. SSL only to be used on Singlehop network. 點進去看之後可以看到說明: WildCard … Continue reading

Posted in Computer, Murmuring, Network, Security, WWW | Tagged , , , , , | Leave a comment

CA/Browser Forum 在三月底的會議記錄

在 CA/Browser Forum 三月底的會議記錄裡看到了關於 wildcard ssl certificate 的一些討論,還蠻有趣的:「2016-03-31 Minutes」。 主要是第五條的記錄,在討論更廣泛的 wildcard 用法。首先是 Microsoft 對 ww*.example.com 這種 domain 的認定: Rick said there was a Microsoft tech note that allows ww*.example.com. Jody confirmed the platform supports it. 但有爭論,而且目前看起來暫時沒有打算要實作: Rick suggested the BRs … Continue reading

Posted in Browser, Computer, DNS, Murmuring, Network, Security, Software, WWW | Tagged , , , , , , , , , , | Leave a comment

WordPress.com 將全面提供 HTTPS 服務

WordPress.com 宣佈將全面提供 HTTPS 服務:「HTTPS Everywhere: Encryption for All WordPress.com Sites」。 其中 wordpress.com 應該是買 wildcard SSL certificate 來做,而 custom domain 的部份將會透過 Let's Encrypt 來做: The Let’s Encrypt project gave us an efficient and automated way to provide SSL certificates for a … Continue reading

Posted in Blog, Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , | Leave a comment

Google Chrome Developer Tools 裡的 Network Filter

在「Chrome Network Panel Filter: Domain」這篇看到有趣的用法: 輸入完 domain: 後會列出許多選擇讓你選,還包括了 wildcard... 這功能真不錯 @_@

Posted in Browser, Computer, GoogleChrome, Murmuring, Network, Software, WWW | Tagged , , , , , , , | Leave a comment

CloudFront 支援 Wildcard Invalidation

在「Amazon CloudFront Makes it Easier to Invalidate Multiple Objects」這邊看到的消息,Amazon CloudFront 總算是支援 Wildcard Invalidation 了。價錢與 Single Object Invalidation 相同,都是每次 USD$0.005。 依照 Invalidating Objects (Web Distributions Only) 這邊的說明,Wildcard 的部份只能用在結尾: To invalidate objects, you can specify either the path for individual objects or … Continue reading

Posted in AWS, CDN, Cloud, Computer, Murmuring, Network, WWW | Tagged , , , , , | Leave a comment

設定 CloudFront 的 Wildcard SSL (SNI)

不知道為什麼網路上一堆文章寫的超複雜 XD 目前必須使用 CLI 才能上傳 key 與 SSL certificate,所以乖乖的裝上 aws-cli 吧 :p 而通常在買 Wildcard SSL 時會 *.example.com 的時候會簽成 example.com + *.example.com,這時候用 example.com 當名字掛進去: aws iam upload-server-certificate --server-certificate-name example.com --certificate-body file://server.crt --private-key file://server.key --certificate-chain file://intermediate.crt --path /cloudfront/ 一樣可以確認: aws iam get-server-certificate … Continue reading

Posted in AWS, CDN, Cloud, Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , , , | Leave a comment

用 *.xip.io 測試...

直接看 xip.io 的說明就可以了:「xip.io: wildcard DNS for everyone」。 重點: 10.0.0.1.xip.io resolves to 10.0.0.1 www.10.0.0.1.xip.io resolves to 10.0.0.1 mysite.10.0.0.1.xip.io resolves to 10.0.0.1 foo.bar.10.0.0.1.xip.io resolves to 10.0.0.1 可以拿來測試...

Posted in Computer, DNS, Murmuring, Network | Tagged , , , , | Leave a comment

Wildcard EV Certificate...

Netcraft 這篇「Wildcard EV certificates supported by major browsers」提到幾個重點... 首先是 EV 規範內禁止使用 Wildcard certificate (出自「Guidelines ForThe IssuanceAnd Management Of ExtendedValidationCertificates」): Wildcard certificates are not allowed for EV Certificates. 然後還是有人發 *.cclearning.accenture.com,而且主流瀏覽器會正常照 EV 模式顯示出來:(這邊拿 Google Chrome 的範例,原文有所有截圖) 只有 Safari 的手機版本當作普通 certificate 處理的:(下面兩張圖,上圖是桌機版,下圖是手機版) 被抓出來鞭後應該會修正... … Continue reading

Posted in Browser, Computer, Murmuring, Network, Safari, Security, Software, WWW | Tagged , , , , | 2 Comments