[tech] UCC wildcard certificate
David Adam
zanchey at ucc.gu.uwa.edu.au
Thu Nov 5 23:17:44 AWST 2015
On Thu, 5 Nov 2015, Matt Johnston wrote:
> >> On Wed 4/11/2015, at 10:09 am, David Adam <zanchey at ucc.gu.uwa.edu.au> wrote:
> >>
> >> Alternatively, we could just turn HTTPS off for subdomains. We've got a
> >> cert for secure.ucc.asn.au that's good until 2018. I didn't put HSTS on my
> >> domain ;-)
>
> I've set up letsencrypt certificates for https www.ucc.asn.au,
> ucc.asn.au and matt.ucc.asn.au (those were the ones I submitted with
> their beta). https secure.ucc has gone back to using the comodo
> certificate expiring in 2018. You put multiple "sslcertificatefile"/key
> lines for different virtualhosts in Apache's config it seems to
> magically figure it which cert to use. Other user webspace certificates
> expires on 11 November. Once letsencrypt is generally available I'll get
> certs for all subdomains again - looking at the web logs there's seems
> to be only accidental traffic to other domains (apart from zanchey.ucc).
>
> I've switched postfix and dovecot (SMTP and IMAP) back to the 2018
> secure.ucc certificate. I guess wifi or something else might also need
> attention?
Wifi uses the UCC CA certificates, as does LDAP.
Maaxen has the wildcard certificate installed for its RDP server; can just
go back to the self-signed cert for now.
[DAA]
More information about the tech
mailing list