:debian: 𝚜𝚎𝚕𝚎𝚊 :opensuse:People have probably seen this before, and I have - but not to this extent.
All certificates that are public, are actually "streamed" to public databases, that in line with regulation set by CA's, browsers and other vendors.
What that means, is that if you issue (or buy) a certificate from a public CA - and you are only using it in an internal environment - people WILL know that you have a host with that particular CommonName somewhere.
I've issued a couple of certificates today, and since I host my own Authoritive DNS-servers, I am able to fully trace the requests coming into my DNS-zone.
Immediately after I've issued said certificates - I see many request arriving from all over the world, together with port-scans and all that shit.
And if you dont have a A-record for that particular hostname - the portscans will go directly against @.
All that from Cloud providers such as AWS, GCP, and shit.
Fascinating.
And if you want to check all the certificates that is issued - in real time, Check out "certstream"
All GNU social JP content and data are available under the