How are y’all managing internal network certificates?
At any point in time, I have between 2-10 services, often running on a network behind an nginx reverse proxy, with some variation in certificates, none ideal. Here’s what I’ve done in the past:
I see easy-RSA seems to be more user friendly these days, but haven’t tried it yet.
I’m tempted to try this setup for my local LAN facing (as exposed to tunnel only, such as pihole) services:
Curious what y’all do and if I’m missing anything basic.
I have no intention of exposing these outside my local network, and prefer as less client side changes as possible.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
deleted by creator
Oh that’s quite simple! I’ve been just using Nginx, I’ll have to have a look into Caddy, thank you!