(inclouds.space)

301 points todsacerdoti | 1 comments | 10 Apr 25 14:19 UTC | HN request time: 0s | source

Show context

smjburton ◴[10 Apr 25 16:51 UTC] No.43645788[source]▶

OP: If you're already using Caddy, why not just use a purchased domain (you can get some for a few dollars) with a DNS-01 challenge? This way you don't need to add self-signed certificates to your trust store and browsers/devices don't complain. You'll still keep your services private to your internal network, and Caddy will automatically keep all managed certificates renewed so there's no manual intervention once everything is set up.

replies(3): >>43645951 #>>43645968 #>>43646218 #

1. qwertox ◴[10 Apr 25 17:07 UTC] No.43645968[source]▶

>>43645788 #

I was on a similar thought process, but this leaves you only with the option to set the A record of the public DNS entry to 127.0.0.1, if you want to use it on the go.

Though you could register a name like ch.ch and get a wildcard certificate for *.ch.ch, and insert local.ch.ch in the hosts file and use the certificate in the proxy, that would even work on the go.

↑

.localhost Domains