Next: HTTP-based authentication, Previous: TLS client authentication, Up: tofuproxy
You can restrict what hosts are allowed to be served by the specified
CA. For example you want to limit CA with SPKI’s SHA256 hash of
9215d9eeddeb403b0ffebb228cfc13104da825117d3640a0dfbfc0c08a012124
to domains only in stargrave.org tree:
$ tee fifos/add-restricted <contrib/restricted.txt 9215d9eeddeb403b0ffebb228cfc13104da825117d3640a0dfbfc0c08a012124 stargrave.org [...]