| 19 Mar 2022 |
|  pabe joined the room. | 22:08:33 |
| 20 Mar 2022 |
|  daksh (old, moved to @daksh:tchncs.de) changed their display name from dakship to cd. | 12:43:37 |
| daksh (old, moved to @daksh:tchncs.de) changed their display name from cd to dakship. | 12:43:59 |
| 21 Mar 2022 |
|  kara.su joined the room. | 23:22:19 |
| 22 Mar 2022 |
|  weissbier left the room. | 12:36:12 |
| weissbier joined the room. | 14:23:17 |
| daksh (old, moved to @daksh:tchncs.de) changed their display name from dakship to daksh (old). | 16:05:04 |
| daksh (old, moved to @daksh:tchncs.de) changed their display name from daksh (old) to daksh (old, moved to @daksh:tchncs.de). | 16:06:07 |
|  meowcat285 joined the room. | 19:34:07 |
| meowcat285 set a profile picture. | 20:23:22 |
| meowcat285 removed their profile picture. | 20:37:46 |
|  Justin joined the room. | 23:25:12 |
| 24 Mar 2022 |
|  Itotutona joined the room. | 22:59:19 |
| 26 Mar 2022 |
| daksh (old, moved to @daksh:tchncs.de) left the room. | 04:18:39 |
|  @baal.401:matrix.org joined the room. | 07:16:36 |
| 28 Mar 2022 |
|  mockingjay joined the room. | 10:35:11 |
| 29 Mar 2022 |
| mockingjay set a profile picture. | 15:12:51 |
 Nerdy Anarchist | I should already know this, but: Let's say I own domain.tld and all requests are going to be automatically redirected to awesome.domain.tld. In setting up TLS for the 'awesome' subdomain, do I need to worry about doing so at all for domain.tld and www.domain.tld? Will leaving them as they are cause any issues at all? | 17:06:53 |
| Nerdy Anarchist | (e.g. if a user has HTTPS-only enabled on their browser and goes to www.domain.tld, will they be presented with any errors before the 301 rule I would have set up directs them to the proper subdomain?) | 17:29:32 |
| Nerdy Anarchist | * (e.g. if a user has HTTPS-only enabled on their browser and goes to www.domain.tld, will they be presented with any errors/warnings before the 301 rule I would have set up directs them to the proper subdomain?) | 17:29:45 |
 Dis | You need a certificate for any request that might come over https. If you only ever request domain.tld or www.domain.tld over http (don't do that) it will work. Otherwise you need the certificate to exist or the client won't even make the request. (That prevents someone from trivially MitM-redirecting everyone from https://google.com to https://google.com.itsalie.attacker/) | 18:09:05 |
| Nerdy Anarchist | In reply to @dis:ev.olved.dev
You need a certificate for any request that might come over https. If you only ever request domain.tld or www.domain.tld over http (don't do that) it will work. Otherwise you need the certificate to exist or the client won't even make the request. (That prevents someone from trivially MitM-redirecting everyone from https://google.com to https://google.com.itsalie.attacker/) so separate nginx configs and tls certs for all, then | 18:12:00 |
|  rridley changed their profile picture. | 18:35:51 |
| pabe | Nerdy Anarchist: Or if this all runs on the samewebserver you could handle that within one config file with one wildcard cert.
like server_name www.domain.tld domain.tld subdomain.domain.tld
use the same wildard domain.tld certificate and handle the redirection in this file
I think you can handle this however you like more | 21:49:33 |
| 30 Mar 2022 |
 sn0w | Good to see you around Nerdy Anarchist: | 20:46:57 |
| 1 Apr 2022 |
|  netdespot joined the room. | 03:46:52 |
| Nerdy Anarchist | In reply to @luminescentseason:matrix.org
Good to see you around Nerdy Anarchist: hey - sorry for the delay was away and then had my thursday shadowrun game | 03:50:06 |
|  Daniel Menelkir changed their profile picture. | 11:15:15 |
|  Peter Marreck joined the room. | 21:59:36 |
| 2 Apr 2022 |
| Daniel Menelkir changed their profile picture. | 08:09:50 |
