{"id":1778,"date":"2018-12-11T17:48:58","date_gmt":"2018-12-11T16:48:58","guid":{"rendered":"https:\/\/michauko.org\/blog\/?p=1778"},"modified":"2020-12-07T14:41:20","modified_gmt":"2020-12-07T13:41:20","slug":"smtp-et-imap-via-ssl-tls-lets-encrypt","status":"publish","type":"post","link":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/","title":{"rendered":"smtp et imap via SSL\/TLS + let’s encrypt"},"content":{"rendered":"\n

Petit aide m\u00e9moire et astuces pour avoir des certificats qui vont bien dans un environnement postfix\/dovecot ; et non pas des certif auto-sign\u00e9s comme vous avez peut-\u00eatre.<\/p>\n\n\n\n

Derni\u00e8rement, en voulant configurer un iFoune pour atteindre un serveur de mails \u00e0 moi (tournant sur postfix\/dovecot), j’ai vu que l’option \u00ab\u00a0accepter tous les certificats\u00a0\u00bb n’\u00e9tait plus de ce monde. Peut-\u00eatre que Appeul a d\u00e9cid\u00e9 que le SSL \u00e9tant tellement basique maintenant, il n’y avait plus aucune raison d’avoir des certificats moisis (par exemple ceux auto-sign\u00e9s qu’on a \u00e0 la cr\u00e9ation d’un postfix\/dovecot). C’est pas faux.<\/p>\n\n\n\n

Sauf que \u00e7a me faisait suer, car j’avais gard\u00e9 en t\u00eate que postfix ne sait pas g\u00e9rer du multi-certificats suivant le nom de domaine de mails. Techniquement, c’est une histoire de SNI pas support\u00e9 par postfix dans TLS. J’abr\u00e8ge, mais l’id\u00e9e est l\u00e0. Donc soit on fait une instance smtpd par domaine, avec obligatoirement une IP d\u00e9di\u00e9e (\u00e7a peut \u00eatre tr\u00e8s lourd d’avoir plein d’IP juste pour \u00e7a), soit on trouve une autre ruse.<\/p>\n\n\n\n\n\n\n\n

Une ruse serait de faire utiliser touours le m\u00eame smtp.domaine.com et imap.domaine.com pour la configuration de toutes vos bo\u00eetes mails, qu’elles soient sur domaine.com ou autre_domaine.com. Mais c’est moins classe car si on veut scinder un peu, on pr\u00e9f\u00e8rera expliquer \u00e0 Mr autre_domaine.com que sont imap est bien imap.autre_domaine.com et pas un truc qu’il ne connait pas forc\u00e9ment et qui s’appelle domaine.com.<\/p>\n\n\n\n

La ruse la plus simple consiste donc \u00e0 g\u00e9n\u00e9rer un certificat (par exemple par \u00ab\u00a0let’s encrypt\u00a0\u00bb, cf. mes articles pr\u00e9c\u00e9dents<\/a> sur le sujet) contenant tous les noms des FQDN dont vous avez besoin : smtp.domaine.com et imap.domaine.com et smtp.autre_domaine.com et imap.autre_domaine.com etc imap.machinbidule.com…
\nCe \u00ab\u00a0super certificat\u00a0\u00bb sera tout \u00e0 fait valide. Le seul hic \u00e0 la limite est que si on interroge le certificat (exemple : true | openssl s_client -connect smtp.domaine.fr:465 | openssl x509 -noout -text | grep DNS:<\/code> Alors on r\u00e9cup\u00e8re tous les alias, ce qui quelque part indique sur un serveur tous les domaines que vous g\u00e9rez… Bon, est-ce des gens vont voir et exploiter \u00e7a d’une quelconque mani\u00e8re ? si votre serveur est de toute mani\u00e8re prot\u00e9g\u00e9 (iptables, fail2ban etc), on peut supposer que \u00e7a ne change pas grand chose.
\nPour ce faire dans letsencrypt \/ dehydrated, vous indiquez simplement la liste des noms de domaines sur la m\u00eame ligne du fichier domains.txt. Vous g\u00e9n\u00e9rez votre certificat, \u00e7a prend un peu de temps le temps de r\u00e9ussier tous les \u00ab\u00a0challenges\u00a0\u00bb d’authentification de letsencrypt. A la fin, vous avez un cert.pem et un privkey.pem que vous indiquez dans la conf de 1) postfix\/main.cf dans les param\u00e8tres smtpd_tls_cert_file et smtpd_tls_key_file et vous indiquez le chain.pem dans smtpd_tls_CAfile et 2) pour la partie IMAP, dans dovecot\/conf.d\/10-ssl.conf dans les param\u00e8tres ssl_cert et ssl_key
\nPour Dovecot, afin d’avoir les informations compl\u00e8tes de la \u00ab\u00a0cha\u00eene\u00a0\u00bb d’authentification des certifs, la doc<\/a> dit :<\/p>\n\n\n\n

Put all the certificates in the ssl_cert file. For example when using a certificate signed by TDC the correct order is:<\/p>

Dovecot’s public certificate
\nTDC SSL Server CA
\nTDC Internet Root CA
\nGlobalsign Partners CA<\/p><\/blockquote>\n\n\n\n

Il faut donc pr\u00e9senter le fullchain.pem en guise de certif public, et non pas le cert.pem tout seul, nin le chain.pem tout seul.<\/p>\n\n\n\n

Et voil\u00e0, avec la commande openssl mentionn\u00e9e ci-dessus, vous pouvez tester que tout semble bien – apr\u00e8s un restart des services.<\/p>\n\n\n\n

Et si vous avez planifi\u00e9 votre reg\u00e9n\u00e9ration des certifs letsencrypt en crontab, pensez \u00e0 ajouter un reload des services postfix et dovecot.<\/p>\n\n\n\n

Et testez que tout va bien :
\nhttps:\/\/www.sslshopper.com\/ssl-checker.html#hostname=smtp.gmail.com:465<\/code> en rempla\u00e7ant par votre smtp:465 et ou imap:993.<\/p>\n","protected":false},"excerpt":{"rendered":"

Petit aide m\u00e9moire et astuces pour avoir des certificats qui vont bien dans un environnement postfix\/dovecot ; et non pas des certif auto-sign\u00e9s comme vous avez peut-\u00eatre. Derni\u00e8rement, en voulant configurer un iFoune pour atteindre …<\/p>\n","protected":false},"author":2,"featured_media":1747,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,389],"tags":[402,593,569],"class_list":["post-1778","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-debian","category-reseau-secu","tag-imaps","tag-letsencrypt","tag-smtps"],"yoast_head":"\nsmtp et imap via SSL\/TLS + let's encrypt - Le blog de Michauko<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"smtp et imap via SSL\/TLS + let's encrypt - Le blog de Michauko\" \/>\n<meta property=\"og:description\" content=\"Petit aide m\u00e9moire et astuces pour avoir des certificats qui vont bien dans un environnement postfix\/dovecot ; et non pas des certif auto-sign\u00e9s comme vous avez peut-\u00eatre. Derni\u00e8rement, en voulant configurer un iFoune pour atteindre …\" \/>\n<meta property=\"og:url\" content=\"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/\" \/>\n<meta property=\"og:site_name\" content=\"Le blog de Michauko\" \/>\n<meta property=\"article:published_time\" content=\"2018-12-11T16:48:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-12-07T13:41:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png\" \/>\n\t<meta property=\"og:image:width\" content=\"432\" \/>\n\t<meta property=\"og:image:height\" content=\"432\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"michauko\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"michauko\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/\"},\"author\":{\"name\":\"michauko\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/#\\\/schema\\\/person\\\/0cd9f3d9ce4dccc05df81a5b27051ea9\"},\"headline\":\"smtp et imap via SSL\\\/TLS + let’s encrypt\",\"datePublished\":\"2018-12-11T16:48:58+00:00\",\"dateModified\":\"2020-12-07T13:41:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/\"},\"wordCount\":685,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/michauko.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/letsenrypt_logo.png\",\"keywords\":[\"IMAPS\",\"letsencrypt\",\"smtps\"],\"articleSection\":[\"Debian\",\"reseau et s\u00e9cu\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/\",\"url\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/\",\"name\":\"smtp et imap via SSL\\\/TLS + let's encrypt - Le blog de Michauko\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/michauko.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/letsenrypt_logo.png\",\"datePublished\":\"2018-12-11T16:48:58+00:00\",\"dateModified\":\"2020-12-07T13:41:20+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/#\\\/schema\\\/person\\\/0cd9f3d9ce4dccc05df81a5b27051ea9\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#primaryimage\",\"url\":\"https:\\\/\\\/michauko.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/letsenrypt_logo.png\",\"contentUrl\":\"https:\\\/\\\/michauko.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/letsenrypt_logo.png\",\"width\":432,\"height\":432},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/michauko.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"smtp et imap via SSL\\\/TLS + let’s encrypt\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/michauko.org\\\/blog\\\/\",\"name\":\"Le blog de Michauko\",\"description\":\"Si tu ne comprends pas le titre de l'article, passe ton chemin\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/michauko.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/michauko.org\\\/blog\\\/#\\\/schema\\\/person\\\/0cd9f3d9ce4dccc05df81a5b27051ea9\",\"name\":\"michauko\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g\",\"caption\":\"michauko\"},\"sameAs\":[\"http:\\\/\\\/michauko.org\\\/\"],\"url\":\"https:\\\/\\\/michauko.org\\\/blog\\\/author\\\/randomized2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"smtp et imap via SSL\/TLS + let's encrypt - Le blog de Michauko","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/","og_locale":"fr_FR","og_type":"article","og_title":"smtp et imap via SSL\/TLS + let's encrypt - Le blog de Michauko","og_description":"Petit aide m\u00e9moire et astuces pour avoir des certificats qui vont bien dans un environnement postfix\/dovecot ; et non pas des certif auto-sign\u00e9s comme vous avez peut-\u00eatre. Derni\u00e8rement, en voulant configurer un iFoune pour atteindre …","og_url":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/","og_site_name":"Le blog de Michauko","article_published_time":"2018-12-11T16:48:58+00:00","article_modified_time":"2020-12-07T13:41:20+00:00","og_image":[{"width":432,"height":432,"url":"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png","type":"image\/png"}],"author":"michauko","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"michauko","Dur\u00e9e de lecture estim\u00e9e":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#article","isPartOf":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/"},"author":{"name":"michauko","@id":"https:\/\/michauko.org\/blog\/#\/schema\/person\/0cd9f3d9ce4dccc05df81a5b27051ea9"},"headline":"smtp et imap via SSL\/TLS + let’s encrypt","datePublished":"2018-12-11T16:48:58+00:00","dateModified":"2020-12-07T13:41:20+00:00","mainEntityOfPage":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/"},"wordCount":685,"commentCount":0,"image":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#primaryimage"},"thumbnailUrl":"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png","keywords":["IMAPS","letsencrypt","smtps"],"articleSection":["Debian","reseau et s\u00e9cu"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/","url":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/","name":"smtp et imap via SSL\/TLS + let's encrypt - Le blog de Michauko","isPartOf":{"@id":"https:\/\/michauko.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#primaryimage"},"image":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#primaryimage"},"thumbnailUrl":"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png","datePublished":"2018-12-11T16:48:58+00:00","dateModified":"2020-12-07T13:41:20+00:00","author":{"@id":"https:\/\/michauko.org\/blog\/#\/schema\/person\/0cd9f3d9ce4dccc05df81a5b27051ea9"},"breadcrumb":{"@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#primaryimage","url":"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png","contentUrl":"https:\/\/michauko.org\/blog\/wp-content\/uploads\/2018\/07\/letsenrypt_logo.png","width":432,"height":432},{"@type":"BreadcrumbList","@id":"https:\/\/michauko.org\/blog\/smtp-et-imap-via-ssl-tls-lets-encrypt-1778\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/michauko.org\/blog\/"},{"@type":"ListItem","position":2,"name":"smtp et imap via SSL\/TLS + let’s encrypt"}]},{"@type":"WebSite","@id":"https:\/\/michauko.org\/blog\/#website","url":"https:\/\/michauko.org\/blog\/","name":"Le blog de Michauko","description":"Si tu ne comprends pas le titre de l'article, passe ton chemin","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/michauko.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/michauko.org\/blog\/#\/schema\/person\/0cd9f3d9ce4dccc05df81a5b27051ea9","name":"michauko","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5c3a8969c185fd0eef3893a15408f3ef1b36a6681a066b1eb32045643c30ba65?s=96&d=mm&r=g","caption":"michauko"},"sameAs":["http:\/\/michauko.org\/"],"url":"https:\/\/michauko.org\/blog\/author\/randomized2\/"}]}},"_links":{"self":[{"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/posts\/1778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/comments?post=1778"}],"version-history":[{"count":6,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/posts\/1778\/revisions"}],"predecessor-version":[{"id":1852,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/posts\/1778\/revisions\/1852"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/media\/1747"}],"wp:attachment":[{"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/media?parent=1778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/categories?post=1778"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michauko.org\/blog\/wp-json\/wp\/v2\/tags?post=1778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}