One problem with wildcard certs is that any host can impersonate any host within the wildcard zone.
It would be great to be able to get a certificate for an intermediary CA that is limited to one domain, and then use this CA to issue certs as needed.
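The comparison above, as an added example that is not part of the original post: it models which hosts one stolen key can impersonate under a shared wildcard cert versus per-host certs from a domain-limited intermediate. It assumes "limited to one domain" means an X.509 Name Constraints permitted subtree (RFC 5280); the host names and function names are constructed for illustration.

```python
# Constructed host inventory for one zone (illustrative names only).
HOSTS = ["www.example.com", "mail.example.com", "vpn.example.com"]

def _labels(name):
    return name.lower().rstrip(".").split(".")

def wildcard_matches(pattern, host):
    """Certificate name matching: '*' stands for exactly one leftmost label."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h):
        return False
    return p[1:] == h[1:] if p[0] == "*" else p == h

def within_constraint(name, permitted):
    """dNSName constraint: the name is the permitted base itself, or the
    base with one or more labels added on the left."""
    n = name.lower().rstrip(".")
    base = permitted.lower().rstrip(".")
    return n == base or n.endswith("." + base)

def impersonable(stolen_sans, hosts):
    """Hosts for which a client would accept a cert carrying these names."""
    return [h for h in hosts if any(wildcard_matches(s, h) for s in stolen_sans)]

def chain_acceptable(leaf_sans, permitted):
    """A validator that enforces the constraint rejects the chain as soon as
    one leaf name falls outside the intermediate's permitted subtree."""
    return all(within_constraint(s, permitted) for s in leaf_sans)

if __name__ == "__main__":
    # Wildcard: every host holds the same key, so one compromise covers all.
    print("wildcard key stolen from www :", impersonable(["*.example.com"], HOSTS))
    # Constrained intermediate: each host gets its own single-name cert.
    print("per-host key stolen from www :", impersonable(["www.example.com"], HOSTS))
    # The intermediate itself stays scoped to the zone.
    for san in ["vpn.example.com", "www.example.org", "evilexample.com"]:
        print(f"leaf for {san:<18} accepted:", chain_acceptable([san], "example.com"))
```

The second check only helps where the validating client enforces the constraint, so client support is the thing to test before relying on this design.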