this post was submitted on 07 Jun 2023
3 points (100.0% liked)

homelab

6589 readers
7 users here now

founded 4 years ago
MODERATORS
 

Hey all,

Hope this is the right place to be asking (Reddit refugee), but do any of you setup certs for inward facing services? For example, I run "Whoogle" on my proxmox server, which I then access from several other devices when performing searches.

The connection between my machines and that proxmox VM are not encrypted, however only my VLAN (for personal devices) is able to access it.

Is it good practice to create a certificate for those types of servers that can only be accessed within your own network, or overkill?

top 2 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 1 year ago

It is always good practice to set up certificates everywhere. I do it for all of my internal services. Each person has a different level of care for how important privacy and security are and some people have abnormal threat profiles.

With that being said, options are usually to run self signed certificates, roll your own certificate authority for your network, or get valid certificates from a service like letsencrypt.

[–] [email protected] 1 points 1 year ago

I point my DNS at local IPs then use Let’s Encrypt with DNS validation.