Comment on [deleted]
BlackEco@lemmy.blackeco.com 1 day agoBut you’re still using Caddy as the sole reverse proxy, don’t you? Do you have multiple Caddy instances that require access to a single certificate?
Comment on [deleted]
BlackEco@lemmy.blackeco.com 1 day agoBut you’re still using Caddy as the sole reverse proxy, don’t you? Do you have multiple Caddy instances that require access to a single certificate?
Appoxo@lemmy.dbzer0.com 22 hours ago
Thing is, you may have some devices that should be accessible even if the reverse proxy is unreachable.
And if you have HSTS and wamt to reach a device under the same local DNS suffix (example: External -> service.example.org, Internal: service.int.examole.org) you can’t just bypass the https warning.
Same for devices reachable over RDP, SSH, etc. etc.