On Wed, 2019-06-19 at 13:05 +0700, Bagas Sanjaya wrote: > It can be prevented by using wildcard certificates
That is another terrible idea, if that one certificate is compromised then the attacker can impersonate any subdomain for the entire validity period. Moving towards individual certs and keys for each site with short validity periods with automatic renewal is a much better option. > Why did you say like that? Since there are no good reasons to do what you suggest. I won't be responding to this thread any longer. I request that you stop responding to this thread too. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
