search

azukaar / Cosmos-Server

☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot)
https://cosmos-cloud.io
Other
3.6k stars 129 forks source link

[Feat]: Per-domains certificates #336

Open gaabora opened 1 month ago

gaabora commented 1 month ago

What happened?

(domain names are redacted)

When visiting one of created in Cosmos-Server URLs like something.servegame.com, cert info of the website shows list of all added domains for other services: name.xyz something.servegame.com

image

What should have happened?

Cert info must show only corresponded domain and never list all added domains from other added to Cosmos-Server services One domain = one cert.

How to reproduce the bug?

  1. Having "Configuration > HTTP > Hostname" name.xyz
  2. Go to "Management > URLs > Create, then go to new record's Setup > Use host" and specify different domain name you own, like something.servegame.com

Relevant log output

No response

Other details

No response

System details

azukaar commented 1 month ago

This is the intended behaviour, Cosmos does not support per-domain certificate It is not a "security issue" or an issue at all for 99.99% cases.

I will leave the ticket opened for visibility, but at the moment splitting the cert is a very low priority item