Notes from #MetaBrainz Meeting on 2016-08-29

MetaBrainz Meeting 2016-08-29

Meeting start: IRC Logs for #metabrainz | MetaBrainz Chatlogs

Agenda

  • Reviews

Reviews

@Freso

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@reosarevok

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@bitmap

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@Gentlecat

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@zas

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@Rob

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@alastairp

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@ApeKattQuest_MonkeyPython

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@rahulr

IRC Logs for #metabrainz | MetaBrainz Chatlogs

@kartikgupta0909

IRC Logs for #metabrainz | MetaBrainz Chatlogs

Let’s encrypt does support multiple domains being present by setting subject alternatie names.
You can have up to 99 domain names used by the one ssl certificate.
To get this working you need to create a certificate signing request with all the domains you want defined as san.
You also will need to have the same file mapping work to a common directory used to verify the domain ownership as let’s encrypt will one by one verify each domain mentioned.

1 Like

I think the point was that it doesn’t support wildcards. I think both musicbrainz.org and metabrainz.org currently has *.m{eta,usic}brainz.org certificates.

The main draw of wildcard certificates is price (if you otherwise need a lot of certs), and that you can roll out new hostnames in a snap. LE certificates got you covered on both counts.

The downside of LE is that, once you have more than one or two certificates, you practically must implement automation. Once you are past that hump, it does not matter much whether you have two (maybe wildcard) certificates, or two hundred.

1 Like