all InfoSec news
How to keep my homelab infrastructure private when using Let's Encrypt or ZeroSSL certificates?
March 24, 2023, 1:25 p.m. | /u/Ditzah
Privacy & Freedom in the Information Age www.reddit.com
That's working fine, however, when I look at https://crt.sh, I can see the certs for myrouter.example.com, myserver.example.com, mypasswordmanager.example.com, mydocumentmanagement.example.com etc.
For example:
$ curl -sS "https://crt.sh?q=%.example.com&output=json" | jq -r '.[].name_value' | sort -u
myrouter.example.com
myserver.example.com
mypasswordmanager.example.com
mydocumentmanagement.example.com
...
These services are not exposed, I can only access them locally or via a wireguard tunnel. I know bad actors can't …
access acme bad bad actors big certificates encrypt environment exposed google homelab host infrastructure let's encrypt locally privacy private public reddit services tunnel wireguard
More from www.reddit.com / Privacy & Freedom in the Information Age
Jobs in InfoSec / Cybersecurity
Azure DevSecOps Cloud Engineer II
@ Prudent Technology | McLean, VA, USA
Security Engineer III - Python, AWS
@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
SOC Analyst (Threat Hunter)
@ NCS | Singapore, Singapore
Managed Services Information Security Manager
@ NTT DATA | Sydney, Australia
Senior Security Engineer (Remote)
@ Mattermost | United Kingdom
Penetration Tester (Part Time & Remote)
@ TestPros | United States - Remote