top | item 33117840

(no title)

enkrs | 3 years ago

Lots of good answers here. If certs are still the issue then a little unorthodox method is to create a wireguard tunnels between your internal hosts. They are trivial to setup. Less maintenance than renewable wildcard certs. Similar level of security as https.

You can even put the wireguard private IP addresses on your DNS servers. As mentioned elsewhere DNS records are not publicly enumerable like letsencrypt certs.

A side benefit is you can now access your internal network from your laptop or phone.

discuss

No comments yet.