One SSL-Certificate for all our hosts

[dr0i]

It's possible to only have one SSL-certificate for multiple hostnames SubjectAlternativeName, SAN. Since we use a proxy, allmost all hostnames we control point to it (empyhtos). It's far more simple to have just one certificate for certificates must be renewed regularly. For a CSR we need a list of all these hostnames. The hostnames in need of a valid SSL certificate are listed here. The list should be updated if needed:

FQDN: lobid.org FQDN: www.lobid.org FQDN: beta.lobid.org FQDN: blog.lobid.org FQDN: labs.lobid.org FQDN: slides.lobid.org FQDN: test.lobid.org

FQDN: metafacture.org FQDN: www.metafacture.org

FQDN: nwbib.de FQDN: www.nwbib.de FQDN: test.nwbib.de

FQDN: skohub.io FQDN: www.skohub.io FQDN: test.skohub.io

Note: everytime this list is updated a new CSR must be done asking our IT to provide a new certificate. Also, of course, this must be done when the certificate is going to expire.

[dr0i]

Hi @acka47 if you find a hostname missing in the list please add it and ping.

[acka47]

I think we do not use vocabs.lobid.org anymore and it thus can be removed. Do we still use stage.lobid.org? Otherwise it looks complete.

[acka47]

I added metafacture.org and restructured the list to take into account Mariusz' advice to have on certificate per domain.

[dr0i]

Deployed, please test. Note that skohub and nwbib will be renewed at the end of the next year. Note also that www.metafacture.org is not enabled, I think it's an DNS issue , will contact IT. [edit: IT made it good by correcting DNS]

[acka47]

+1 Closing.