Generate wildcard certs to reduce the number of certs generated

internetarchive / warcprox

WARC writing MITM HTTP/S proxy

379 stars 54 forks source link

Generate wildcard certs to reduce the number of certs generated #71

Closed vbanos closed 6 years ago

vbanos commented 6 years ago

certauth has a method to create a cert for *.example.com. This reduces greatly the number of generated certificates (~50% in my tests). For example, previous code would create:

images-eu.ssl-images-amazon.com.pem
images-fe.ssl-images-amazon.com.pem
images-na.ssl-images-amazon.com.pem

Wildcard code would create:

ssl-images-amazon.com.pem

vbanos commented 6 years ago

In my SPN2 experiment, the master code creates 876 certs whereas the wildcard code creates 463(!) for the same target pages. You could check the files here:

/home/vbanos/src/pyspn/master-certs
/home/vbanos/src/pyspn/wildcard-certs

nlevitt commented 6 years ago

😁 👍