Closed pushcx closed 1 year ago
pushcx
commented
5 years ago I've copied over the zone file from lobste.rs to lobsters.dev. I did not include the acme record for Let's Encrypt, or the domainkey becaues it looked like a hash based on domain name.
pushcx
commented
5 years ago Welp, latter was identifying a public key, no hash of the domain like I assumed, so I've copied it at @alanpost's direction.
1ace
commented
1 year ago FYI the certificate presented by lobsters.dev right now is for lobste.rs (only), which combined with HSTS means that browsers refuse to load lobsters.dev.
Adding lobsters.dev as an alt on the certificate might be one solution, although I'm not sure if there are downsides.
pushcx
commented
1 year ago With the server rebuild last month I configured certbot to request a cert for lobsters.dev. A few minutes ago I committed 5ac42b3 to serve a placeholder page.
I picked up lobsters.dev to serve as a backup domain in case of registrar/registry issues. With the general motivation of "better to have it and not need it", we should edit the DNS records to point to the prod server, add it to the config here, and it to /about.