https everywhere

[Leandro Lucarella]

Nick Sabalausky, el 22 de February a las 01:43 me escribiste:
> >>No, you can use any subdomain, you can't use wildcards, but you can get
> >>as many subdomains as you want. To use several subdomains in one server,
> >>your server must support SNI[1], but any modern webserver should support
> >>it.
> >>
> >>[1] https://en.wikipedia.org/wiki/Server_Name_Indication
> >
> >I've tried to get a subdomain cert from them, but their system
> >complained that I already had a cert from them for the same domain.

I don't know what to say, but I'm in fact using two different
certificates for two different subdomains and both are verified by
StartSSL for free, you can check it out:
openssl s_client -servername fotos.llucax.com.ar -connect luca.homenet.org:443
openssl s_client -servername cloud.llucax.com.ar -connect luca.homenet.org:443

> SNI *is* necessary, of course, to host multiple SSL-certs on the
> same server (regardless of whetheer they're separate subdomains or
> suparate regular domains), but I already have my server doing that
> (one cert for each of two different domains).

No, for subdomains is not strictly necessary, you can get a wildcard
certificate that covers *.example.com. That kind of certificate work for
any subdomain (the same certificate). But that kind of certificate is
not free in StartSSL (I think because the verification process is more
expensive).

-- 
Leandro Lucarella (AKA luca)                     http://llucax.com.ar/
----------------------------------------------------------------------
In 1995 a Japanese trawler sank, because a Russian
cargo plane dropped a living cow from 30,000 feet