Comment on If I use Caddy for reverse-proxying into another local machine... is my local connection not HTTPS?
BioMyth@lemmy.ml 1 week ago
Like others are saying, a simple fix to this is to setup the homeassistant machine for https & a self signed cert. Then on the Caddy machine you can configure the https to not verify the origin. That would make the communications more robust, but I think it is still vulnerable to MITM attacks.
BennyInc@feddit.org 1 week ago
Even better: generate a key pair to use for HA, and give the public part to Caddy to use for authenticating the HA server. If HA supports it, you could even generate a client certificate Caddy could use to authenticate against HA.