(community.letsencrypt.org)

314 points Bogdanp | 1 comments | 25 Jun 25 16:21 UTC | HN request time: 0.346s | source

Show context

sschueller ◴[26 Jun 25 07:30 UTC] No.44385074[source]▶

What about internal IPv4 addresses? Can we have browsers ignore 192.168.x.x, 172.16.x.x and 10.x.x.x if we can't get certs for those or can we get a public wildcard for internal networks?

replies(4): >>44385117 #>>44385282 #>>44385784 #>>44386470 #

yread ◴[26 Jun 25 09:52 UTC] No.44385784[source]▶

>>44385074 #

Point your dns to an existing public server, get a cert, copy it to internal server, point your dns to 192.168.... address and copy the cert and key over.

Only problem is some routers blackhole dns responses pointing to local addresses so you need to test it

replies(1): >>44386248 #

1. sschueller ◴[26 Jun 25 11:18 UTC] No.44386248[source]▶

>>44385784 #

With automated certs having shorter and shorter expiration this becomes a tedious waste of time just so one can access ones cameras without having to click past the browser warnings.

↑

Getting ready to issue IP address certificates