|
|
|
|
|
|
by 4ggr0
728 days ago
|
|
|
ah, my mistake then. i use a wildcard dns-record but separate letsencrypt-certs for every subdomain. so to truly be stealthy i'd have to use a wildcard dns-record AND a wildcard ssl-cert. sounds like i got myself a project for this weekend, implement a wildcard cert for my rev-proxy at home :) EDIT: i guess the logs would still show the old certs, so my subdomains would still be exposed. huh. at least future subdomains would be hidden. EDIT2: are there more ways for subdomains to get exposed, other than through DNS or SSL-Certs? |
|
|
i got a wildcard-cert, implemented it on my proxy, everything works!
unfortunately, to be stealthy, i almost have to switch to a different domain. then request a new public IP, and switch.