Comment on [deleted]
BlackEco@lemmy.blackeco.com 3 weeks agoBut you’re still using Caddy as the sole reverse proxy, don’t you? Do you have multiple Caddy instances that require access to a single certificate?
Comment on [deleted]
BlackEco@lemmy.blackeco.com 3 weeks agoBut you’re still using Caddy as the sole reverse proxy, don’t you? Do you have multiple Caddy instances that require access to a single certificate?
Appoxo@lemmy.dbzer0.com 3 weeks ago
Thing is, you may have some devices that should be accessible even if the reverse proxy is unreachable.
And if you have HSTS and wamt to reach a device under the same local DNS suffix (example: External -> service.example.org, Internal: service.int.examole.org) you can’t just bypass the https warning.
Same for devices reachable over RDP, SSH, etc. etc.