We've all had bad neighbours before. Perhaps they were noisy, maybe the kids ran riot or they could have been just continually snaring all the visitor parking spots in your apartment building (bastards). But last week, someone popped up with another bad neighbour story which was quite different to usual...
Fellow MVP Paul Cunningham runs a blog over at paulcunningham.me and for the most part, it looks like any other ordinary blog:
Now being a forward-thinking bloke, Paul has elected to serve his blog over HTTPS and as I've advocated for many times in the past , he chose to go with Cloudflare to do it. It would have been a 5-minute job for Paul; create the site on Cloudflare, update his name servers, job done. And then Paul looked at the certificate on this site.
Now I'm always pretty open and direct about these things and since we're all adults here (probably), I'm just going to give it to you as it is. Here's what Paul saw when he looked at the cert:
I'm going to avoid listing all the sites in that list here as frankly, I have no idea what it would do to my SEO, but if you're genuinely curious I've dropped them into a Gist . These are "Subject Alternate Names" on what we know as a SAN certificate. The value proposition of a SAN cert is that you can fit multiple different names on the one certificate which gives you some economies of scale in terms of creating, purchasing and loading them. For a service like Cloudflare that offers SSL for free, this makes sense for them as they can combine up to 50 different host names on the one cert. Problem is, you never know who you're going to end up next to. In my case, I've got reasonable company on this blog, at least compared to Paul: