[Cryptography] Fast handling of IP Address changes for HTTPS
Paul F Fraser
paulf at a2zliving.com
Thu Dec 28 16:35:53 EST 2017
Hi,
Running a webserver on a home system suffers from the problem of IP Address changes after modem reboot.
In Australia with the National Broadband Network (NBN) I am also experiencing IP Address changes
without the modem disconnecting. It may not be general, but in my case it seems that a fixed IP
Address is not available.
Also, when server is on a laptop it would be nice to be able to have the server available at
different locations.
Using dynamic DNS it takes some time for the new address to work through the system, due to isp dns
caching etc.
Having a domain name and LetsEncrypt certificate for the home server what methods are available to
handle IP address changes fast.
In researching the subject one solution might be to use a SAN certificate with 2 domain names. The
first domain being a site to redirect to the home server using the second domain name. But the
redirect would have to be to an IP address, not domain name!
Another possibility is to use "DH_anon" cipher suite but I have no real idea how this works. This
would probably be the best solution as I have a secure back channel network that can be used to
update the ip addresses and for any authentication and authorization purposes.
Any suggestion how to handle this?
Paul Fraser
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171229/433bd9b7/attachment.html>
More information about the cryptography
mailing list