Last week, I described a gloomy situation: all public TLS certificate providers log your requests. By browsing through the subdomains, one can get their respective IP addresses. If one of them points to your home route, they know your general location. I analyzed several solutions and decided to use wildcard certificates, which don’t leak subdomain information, while continuing to use Let’s Encrypt. My solution caters to my Synology NAS, as it’s the one I’m using. Gett