Jason Self at
What? SSL can cover subdomains too.
Well, yes, and they do have a wildcard cert for *.withknown.com. But it sounds like hosts don't want to have to deal with configuration for arbitrary certs for any hostname that their users pick.
I'm not sure if that's because it's just a huge hassle (does the user supply the cert? if not, what expiration time does the host purchase the cert for if the user can stop paying?) or if it's because it doesn't scale technically (e.g. a single instance of nginx can support different certs for different hostnames, but does that impose some overhead after say 1,000 certs?)
I'm not sure if that's because it's just a huge hassle (does the user supply the cert? if not, what expiration time does the host purchase the cert for if the user can stop paying?) or if it's because it doesn't scale technically (e.g. a single instance of nginx can support different certs for different hostnames, but does that impose some overhead after say 1,000 certs?)