this post was submitted on 08 Aug 2024
502 points (99.2% liked)

Selfhosted

60426 readers
338 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] rushaction@programming.dev 10 points 2 years ago (2 children)

Quite literally my first thought. Great, but I can't issue certs against that.

One of the major reasons I have a domain name is so that I can issue certs that just work against any and all devices. For resources on my network. Home or work, some thing.

To folks recommending a private CA, that's a quick way to some serious frustration. For some arguably good reasons. On some devices I could easily add a CA to, others are annoying or downright bullshit, and yet others are pretty much impossible. Then that last set that's the most persnickety, guests, where it'd be downright rude!

Being able to issue public certs is easily is great! I don't use .local much because if it's worth naming, it's worth securing.

[–] JackbyDev@programming.dev 2 points 2 years ago (1 children)

My Asus router is actually able to get a certificate and use DDNS which is really interesting.

[–] ayyy@sh.itjust.works 0 points 2 years ago (1 children)

Makes ya wonder what else it’s doing that for…

[–] JackbyDev@programming.dev 3 points 2 years ago

So you can access your router's config page without blasting your password in plaintext or getting certificate warnings. It's an optional feature.

[–] Railing5132@lemmy.world 1 points 2 years ago

Same thing we do with .local - "click here to proceed (unsafe)" :D

Set up my work's network waay back on NT4. 0 as .local cuz I was learning and didn't know any better, has been that way ever since.