https://gist.github.com/dasgoll/5c7c02f363e7aeaff2837d650d985cc7
EX: *.ccdd.com
openssl req -subj "/C=cd/CN=*.ccdd.com" -x509 -nodes -days 365 -newkey rsa:2048 -keyout ccdd-wildcard-selfsigned.key -out ccdd-wildcard-selfsigned.crt # /etc/fail2ban/jail.local [DEFAULT] default_backend = systemd logtarget = SYSTEMD-JOURNAL # /etc/fail2ban/jail.d/named.conf [named-refused-tcp] backend = systemd How to check
journalctl -r less /var/log/fail2ban.log fail2ban-client status or fail2ban-client status sshd or fail2ban-client status ooxxooxx
https://blog.miniasp.com/post/2019/02/25/Creating-Self-signed-Certificate-using-OpenSSL
目前這個方式比較靠普
建立 ssl.conf 設定檔
[req] prompt = no default_md = sha256 default_bits = 2048 distinguished_name = dn x509_extensions = v3_req [dn] C = TW ST = Taiwan L = Taipei O = Duotify Inc. OU = IT Department emailAddress = admin@example.com CN = localhost [v3_req] subjectAltName = @alt_names [alt_names] DNS.1 = *.localhost DNS.2 = localhost DNS.3 = 192.168.2.100 openssl req -x509 -new -nodes -sha256 -utf8 -days 3650 -newkey rsa:2048 -keyout server.
