I vaguely remember reading something about leaking your private network setup if you used Let’s Encrypt to generate your certificates.
Because of this when I installed my reverse proxy with caddy to handle my selfhosted home network I configured it to generate the certificates locally.
But this comes with the issue of the annoying warnings of the browsers plus being unable to connect to those devices/services which can’t ignore it.

Am I being too paranoid? Is there any real concern about generating the certificates with Let’s Encrypt for addresses which I don’t intend to have outside my private network?

  • darkfoe@lemmy.serverfail.party
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 years ago

    Depends on your risk profile, really. It’ll technically leak out the DNS name your using internally in order to generate the cert. But, to get a cert from anything (if not wildcard) you’ll have to do this if you don’t want to spin up your own CA.