I'd been made aware of the possibility of using HSTS redirects to create a fingerprint, but I've yet to see someone make the code available. Please feel free to dig in / contribute / critique.
Yea my first thought was that 24 bits should be able to grow to accommodate more fingerprints, so it would make more sense to have a wildcard. But you could definitely have 24 individual certificates.
I wasn't aware of Let's Encrypt, I'll look into grabbing 24 certs from there and spinning up a demo. Thanks!
AlexanderS makes a good point here: https://github.com/ben174/hsts-cookie/issues/1
You can request one certificate with multiple SubjectAltNames from LetsEncrypt, might save you some trouble.
6 comments
[ 3.3 ms ] story [ 18.3 ms ] threadI wasn't aware of Let's Encrypt, I'll look into grabbing 24 certs from there and spinning up a demo. Thanks!