pacocascadero

joined 2 years ago
[–] [email protected] 6 points 2 years ago (1 children)

Don’t use internal domain, use standard domain + split DNS instead. Much simpler to handle certificates for internal services with ACME protocol.

[–] [email protected] 7 points 2 years ago

This is the way for services not exposed to the internet. Thera are multiple DNS providers supported (I use Cloudflare personally). At the other hand if the service is published to the internet HTTP validation is very simple to configure as well. I have stopped using Nginx as a reverse proxy and use Traefik for conteinerised services or Caddy for the rest. Both proxies support ACME protocol out of the box.

2
submitted 2 years ago* (last edited 2 years ago) by [email protected] to c/[email protected]
 

Community for anyone dealing with Apple devices administration. Mobile Device Management (MDM), Apple Business / School Manager etc.

[email protected]