I run a (web)server for home-things at home, strictly not reachable from the outside. We're using a cornucopia of browsers on Linux, iPad, Android.
Browsers want https (good), and valid certificates (good), but there seems to be no no-pain way to tell them all, hey, this in-house server can be trusted.
- Importing self-signed cert into each browser
- Getting a letsencrypt cert by going online briefly: OK. But then?
Am I missing something obvious?
In case you are interested in how I solved having a publicly signed SSL certificate for a home server not connected to the Internet, here is what I did:
The downside: there seems to be no way without having a registered domain. It took me unnecessary time to accept this. The upside: taking the step to get yourself a domain is simpler and cheaper than I was aware of and with the right tool, the rest was easy enough.
@HaraldKi @tootbrute @sbb A subdomain should do as well.
@giggls @HaraldKi @tootbrute That's what I do - several subdomains
@HaraldKi @sbb interesting.
I gave up on doing a 100% tailscale solution.
I feel I'm close.
DNS domain points to VPS IP
VPS with Caddy
Caddy points reverse_proxy Tailscale IP
Can't get SSL certs though
VPS can ping Tailscale IP
Need to troubleshoot. Must be some stupid thing.
I tried doing WireGuard first on this VPS, so I bet I've screwed something up with IP tables or something, so I'm going to tear down the VPS and try again. Just to eliminate that possibility. DNS is so fun!
Cool thing to keep an eye on though, if anyone's interested in tailscale-only services, is #TSDproxy.