Dimitar Nestorov
Established Member
- Impact
- 10
Google Chrome refuses to visit the new .app domains without https
-
-
☆ Auction: Ten 4L .com Lot – Bid now before it's gone!
question Is there a parking service that supports https?
- Thread starter Dimitar Nestorov
- Start date
The views expressed on this page by users and staff are their own, not those of NamePros.
LetsEncrypt will be hard to scale for thousands of domains.
In fact, setting up SSL is not the problem, the problem is to gather the private certificates and automate the deployment.
And it also depends on the verification to be performed. For example in a simple domain validation scenario, the certificate will often be delivered to an E-mail address under the same domain like postmaster. Or it has to be fetched by the domain holder on the the certificate authority's website. So the parking company can't do that because they have no control.
If you have a server, you could host the domains yourself though. Just need to automate the LetsEncrypt part.
.app is definitely going to be a challenge for domainers.
It reminds me when people were buying .tel domains to find out they couldn't park them
In fact, setting up SSL is not the problem, the problem is to gather the private certificates and automate the deployment.
And it also depends on the verification to be performed. For example in a simple domain validation scenario, the certificate will often be delivered to an E-mail address under the same domain like postmaster. Or it has to be fetched by the domain holder on the the certificate authority's website. So the parking company can't do that because they have no control.
If you have a server, you could host the domains yourself though. Just need to automate the LetsEncrypt part.
.app is definitely going to be a challenge for domainers.
It reminds me when people were buying .tel domains to find out they couldn't park them
Dimitar Nestorov
Established Member
- Impact
- 10
It reminds me when people were buying .tel domains to find out they couldn't park them
That was only back in the day? I'm currently reading do.tel's FAQ page and it says
https://www.do.tel/faqs/do.tel/faqs/ said:
It does not appear to have any scaling issues that I have noticed so far. I guess we will see if no services offer SSLs for .app and thousands sign up for my forwarding service. I personally am hoping they all figure it out so I don't have to deal with any scaling issues since it's free.
Challenges arise every day as technology evolves. But this is just a first indication of the need for all services to provide SSL to appease Google and new tech.
Yes, now you can use your own name servers but until recently you couldn't. A domain name that can't be used for a website or other Internet service like E-mail is useless right. And now domainers are stuck with plenty of .app domains that they can't host readily.
Not saying it can't be done but tedious and challenging. Of course the easy way for a parking company or hosting company would be to become a certification authority, then you can roll out certificates easily and domain validation poses no problem.
My guess is, it's not worth the time and effort for parking companies. Not enough combined traffic, not enough sales. They have many other priorities.
Last edited:
Lets encrypt is the way to go. Any 'real' hosting company is offering that for free already. Letsencrypt is easy to integrate in Cpanel for instance so I'd imagine it wouldn't be too hard to integrate in a custom backend.
You can just automate the process so when someone adds a domain a certificate will be issued and configured instantly. I'm not sure if it's still the case but they (letsencrypt) did have a maximum request per day(?) per ip requesting it. Also, the domain should already be using the correct nameservers.
The huge number of domains shouldn't be an issue either. You'd be surprised how many domains are running on a single server anyway and introducing SSL to the config shouldn't add too much additional overhead.
Like mentioned before, cloudflare would also be a viable solution. Not free however and overall less trusted because of the way their encryption chain works. Anyhow, you could integrate cloudflare (using their API) in your backend and you'll be done. Best to reach out to them if you'd want to go that option. Big plus might be their DDOS protection, not sure if that's a thing for parking services.
Anyway, It can easily be done and it definitely is something that should be tackled in this industry in the near future.
You can just automate the process so when someone adds a domain a certificate will be issued and configured instantly. I'm not sure if it's still the case but they (letsencrypt) did have a maximum request per day(?) per ip requesting it. Also, the domain should already be using the correct nameservers.
The huge number of domains shouldn't be an issue either. You'd be surprised how many domains are running on a single server anyway and introducing SSL to the config shouldn't add too much additional overhead.
Like mentioned before, cloudflare would also be a viable solution. Not free however and overall less trusted because of the way their encryption chain works. Anyhow, you could integrate cloudflare (using their API) in your backend and you'll be done. Best to reach out to them if you'd want to go that option. Big plus might be their DDOS protection, not sure if that's a thing for parking services.
Anyway, It can easily be done and it definitely is something that should be tackled in this industry in the near future.
Dimitar Nestorov
Established Member
- Impact
- 10
cPanel partnered with Comodo to release a feature called AutoSSL. Basically the same as LetsEncrypt but the issuer is Comodo. I used to have LetsEncrypt in my cPanel and then one day it disappeared.
I made a reverse IP lookup on my website and found 785 websites hosted on our IP address. Cool thing is that I tried a bunch of them by manually writing https in the address bar and they all resolved with
Which means that my hosting provider has SSL setup for 785 domains just on that server. If cPanel can do it, so can you!
I have a little over 100 SSLs/sites setup in the 1 day my .app forwarding website has been online. All automated and no issues. Interested to see if it keeps going smoothly as it scales - but I see no reason why it would not.
I think the big players will catch up soon.
Most hosts used a plugin for this but there were some minor issues if I recall correctly, then AutoSSL came around. Great solution as well. More important, certificates become freely available to the general public which means the web got just a tiny bit safer
785 is nothing
really depends on the host ofcourse but I'm usually using at least 5 ips per node(although these are beast in terms of resources) so do your math. Anyway, I'm kinda surprised the 'parking business' is this far behind whereas the overall hosting industry has adopted SSL pretty much as a standard nowadays.
When there's a will, there's a way. I'm sure they'll figure it out.
I totally understand the difference in scale. But hosting providers do manage to do this without issue.Let me know when you can add four or five million.
I'll wait...
Donny
I'm not trying to give you a hard time - but I would bet that in the next year or two you will have to do something about an SSL per domain to stay relevant. Big G has a lot of weight, not to mention forward progress.
- Impact
- 1,471
How about you get @matt_bodis to pay you, and then we will just copy what he does?
One of my employees does run a hosting company at night and I had him look into mass SSL certs with letsencrypt and he determined that it just wasn't possible. That doesn't mean that it won't be at some point. But the rate limits set by letsencrypt would be too high right now.
Donny
One of my employees does run a hosting company at night and I had him look into mass SSL certs with letsencrypt and he determined that it just wasn't possible. That doesn't mean that it won't be at some point. But the rate limits set by letsencrypt would be too high right now.
Donny
Let me know when you can add four or five million.
I'll wait...
Donny
It's doable I'd say. Look at cloudflare
But seriously, I understand scaling things up doesn't always work. Keep in mind though that you gotta get this done as in less than a few years everyone will be doing it.
That depends which of you would pay more....How about you get @matt_bodis to pay you, and then we will just copy what he does?
One of my employees does run a hosting company at night and I had him look into mass SSL certs with letsencrypt and he determined that it just wasn't possible. That doesn't mean that it won't be at some point. But the rate limits set by letsencrypt would be too high right now.
Donny
Or you could split it and cut your costs. I'll program it all in your native language and OS. LetsEncrypt wouldnt be your only solution, but they do allow bigger organizations to raise the rate limit as needed.
https://letsencrypt.org/docs/rate-limits/ and then Rate Limit Form
- Impact
- 1,471
Cloudflare bought their own CA. This is why they can offer universal SSL. I think any parking company would offer ssl if it was possible and still profitable. Buying an SSL cert for every parked domain isn't a reality.
I would give you a Google lava lamp and two packs of bubble gum.
Donny
I would give you a Google lava lamp and two packs of bubble gum.
Donny
Agreed. If landing/parking companies had to buy an SSL cert for each domain they would go out of business.Cloudflare bought their own CA. This is why they can offer universal SSL. I think any parking company would offer ssl if it was possible and still profitable. Buying an SSL cert for every parked domain isn't a reality.
I would give you a Google lava lamp and two packs of bubble gum.
Donny
Ideally the registrars need to fix their forwarding and all would be well. But if you want people to use your nameservers then some solution needs to be found.
I would give you a Google lava lamp and two packs of bubble gum.
Hahaha! Just saw that!
Sorry someone outbid you with a google lava lamp, two packs of gum, and a zen garden via PM.
Agreed. But you wouldnt point your nameservers to my webservers during testing so I was going to throw those in as an added bonus.
Similar threads
New posts ➔
-
.now showcase and discussion- 164 posters
- King
Polls of interest ➔
-
What are your strengths as an investor?- 181 voters
- 26 replies
-
What's your domain portfolio size?
- 447 voters
- 134 replies
-
How do you think a potential buyer first checks if your domain is for sale?- 461 voters
- 52 replies
Hot this week ➔
-
What Separates Domain Investors Who Fade Away From Those Who Stay?- 28 comments
- 23 points
-
Green.com domain name changed hands for $7.5 million- 9 replies
- 56 points
-
Reflections on Palindrome Domain Names- 13 comments
- 74 points
-
We Only Like Appraisals When They Agree With Us- 5 comments
- 5 points
Hot this month ➔
-
Most Domains Don't Sell Because...
- 51 comments
- 64 points
-
Seeking Premium One-Word Domains ( .IO / .AI / .ORG) — Wholesale Only
- 47 replies
- 42 posters
-
WTB: LWord.com, LLWord.com, LLLWord.com, budget is $10-$3000 per domain.
- 41 replies
- 1 point
-
How do you spot domain trends BEFORE they explode? (like claw keyword did)- 40 replies
- 1 point
Blog favorites
-
Reflections on Palindrome Domain Names
- 13 comments
- Bob Hawkes
-
5 Debates Domainers Will Never Agree On
- 21 comments
- Sully
