Comment on ICANN approves use of .internal domain for your network
lemmyvore@feddit.nl 3 months agoAs opposed to what, the domain certificate? Which can’t be air-gapped because it needs to be used by services and reverse proxies.
Comment on ICANN approves use of .internal domain for your network
lemmyvore@feddit.nl 3 months agoAs opposed to what, the domain certificate? Which can’t be air-gapped because it needs to be used by services and reverse proxies.
BestBouclettes@jlai.lu 3 months ago
The domain certificate is public and its key is private? That’s basically it, if anyone gets access to your key, they can sign with your name and generate certificates without your knowledge. That’s my opinion and the main reason why I wouldn’t have a self hosted CA, maybe I’m wrong or misled, but it’s a lot of work to ensure everything is safe, only for a self hosted setup.