Thanks. Yea, I I’m curious about what kind of abuse. Since I’m only giving away sub domains and since they are relatively deep subdomains like *.users.happyfuntimes.net is there much value in abusing them? It’s not like you can steal cookies or anything else related to other subdomains. The fact that is a deeper subdomain seems like that makes it not all that desirable. There are a few DNS companies that offer free domains as like freenom. Also my DNS server will only points the domains to local IP addresses (like 192.168.0.12) which won’t really get you anywhere right? So is there any really abuse issue?
Speaking of which, somewhere in this thread I suggested making a separate service with DNS and certs. The simplest idea is just use <ipaddress>.freecerteddomains.org. The only issue there is you’d be ending each person with the same ipaddress the same private cert which is supposedly against the rules. But if that was allowed that would also solve my issue as I could just use that. Could also make it <ipaddress>.<randomid>.freecerteddomains.org which is prety much the same as using freenom + letsencrpt except
- you wouldn’t have to sign up
- you wouldn’t have to per-register an id. (as in choose a subdomain)
- your machine wouldn’t need to be publically on the net get the cert
Actually I take that back. The second method doesn’t work because I need to point to internal IPs. Although I guess I could provide 2 subdomains external.<ipaddress>.<randomid>.freecerteddomains.org and internal.<ipaddress>.<randomid>.freecerteddomains.org