I'm working on setting up a diaspora pod here, but unfortunately I've hit a little bit of a snag. It appears that I need some wildcard certs, and self-signed ones will not do the trick for this project. I'm not able to use my synchro.net domain, obviously, as it would be registering the entire synchro.net domain and not just tinfoil.synchro.net. We do have another few domains that we can probably utilize, but none of them allow receiving email at firstname.lastname@example.org. The only place that I've found that will do free SSL/TLS certs requires the ability to receive email at email@example.com, so that seems to be the hangup at this point. Does anybody know of a place that'll do free certs that doesn't require email at this top level? I'd really like to get this project going, as I've got some other opportunities that kind of hinge on it.
Thanks for any pointers y'all might be able to offer.
If you really need wildcard, I don't know of any free ones. Multi-domain SAN certificates can be done via WoSign (https://buy.wosign.com/free/?lan=en with only 5 domains for free) or Let's Encrypt (https://letsencrypt.org/) though.
Let's Encrypt will validate via a file served by the HTTP server, and it's been awhile since I used them but I believe WoSign will do the same.