To be fair a lot of apps don’t handle custom CAs like they should. Looking at you Home Assistant! 😠
Behind a traefik reverse proxy with lets encrypt for ssl even though the services aren’t exposed to the internet?
diablomnky666@lemmy.wtf 3 weeks ago
suicidaleggroll@lemmy.world 3 weeks ago
Who cares if it’s exposed to the internet?
-
Encrypting your local traffic is still valuable to protect your systems from any bad actors on your local network (neighbor kid cracks your wifi password, some device on your network decides to start snooping on your local traffic, etc)
-
Many services require HTTPS with a valid cert to function correctly, eg: Bitwarden. Having a real cert for a real domain is much simpler and easier to maintain than setting up your own CA
-
DownByLaw@sh.itjust.works 3 weeks ago
Don’t forget about Anubis and crowdsec to make it even safer inside your LAN