EDIT: I'm going to use LetsEncrypt, DNS challenge, and then either configure Caddy to use DNS challenge, or switch to another proxy.
This will also work nicely with my VPN, so all's good there.
Thanks all. If you're going to suggest LetsEncrypt DNS challenge, I'm with you. Something else? Love to hear it!
SSL/TLS question for folks.
I run a number of services inside my home network. Since they're all local, I run them without SSL/TLS, so plain http. The problem is modern browsers complain loudly when you use a non-encrypted service.
I can't use LetsEncrypt because the services are local only, not exposed to the Internet.
I could make a self-signed certificate, but that will cause some applications to fail since self-signed certs are generally frowned upon, and I can't easily add my CA certificate to every device in my home.
Do you run a homelab with web services? If so, how do you handle this problem.
[#]AskFedi #Homelab
=> More informations about this toot | More toots from serge@babka.social
@serge LAN-only services: my own CA with EasyRSA. Anything that is exposed online: LetsEncrypt.
=> More informations about this toot | More toots from RTheren@social.linux.pizza
@serge That forces you to trust to root ca. That's contrary the purpose of LetsEncrypt.
=> More informations about this toot | More toots from KoosPol@mastodon.nl
@KoosPol
Please offer a different suggestion that gets me to the goal then :)
=> More informations about this toot | More toots from serge@babka.social
@serge I don't have any. I'm in the same boat. Fortunately my home lan is very small. I've accepted the misery of self signed certificates.
=> More informations about this toot | More toots from KoosPol@mastodon.nl This content has been proxied by September (ba2dc).Proxy Information
text/gemini