search

cunnie / sslip.io

Golang-based DNS server which maps DNS records with embedded IP addresses to those addresses.
Apache License 2.0
646 stars 77 forks source link

why is this called *ssl* ip #31

Closed kumavis closed 1 year ago

kumavis commented 1 year ago

unclear what the role of "ssl" is in the name as the service doesnt seem to do anything ssl specific

cunnie commented 1 year ago

Hi @kumavis

unclear what the role of "ssl" is in the name as the service doesnt seem to do anything ssl specific

You're right—it doesn't do anything SSL-specific, but it did in its first incarnation (2015?): we had a wildcard certificate and private key that we released to the public for *.sslip.io so that developers could use a valid certificate for, say, 127-0-0-1.sslip.io, but once Comodo (now Sectigo) got wind of that they revoked our key certificate within 24 hours.

Even though the "ssl" in the name no longer made sense, we never bothered to change it.

kumavis commented 1 year ago

thanks/

I was wondering if you could do a dns-auth cert as well but http-auth seems much easier

cunnie commented 1 year ago

I was wondering if you could do a dns-auth cert as well but http-auth seems much easier

Not easily. #24 is a good example of an ongoing discussion to address this.