Improving HTTPS on private networks (alexsci.com)

submitted 2 years ago by tripple@beehaw.org to c/cybersecurity@lemmy.ml

3 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] Parsnip8904@beehaw.org 1 points 2 years ago

Will that specified domain be routed internally by default?

[-] tripple@beehaw.org 1 points 2 years ago

Yes, there's two approaches I'm using currently. When you register a subdomain you can choose either localhostcert.net or localcert.net. The former has an A record in the public DNS that points to 127.0.0.1. The latter has no public A records so you need to manage them yourself, possibly with a local DNS resolver like unbound.

[-] SHITPOSTING_ACCOUNT@feddit.de 1 points 1 year ago* (last edited 1 year ago)

Why (for what use cases) would one use the former? Browsers solve this by treating localhost as a secure context (i.e. no mixed content warnings etc.) even if you use plain http.

this post was submitted on 10 Jun 2023

4 points (100.0% liked)

/c/cybersecurity - Cybersecurity News & Discussion

2127 readers

1 users here now

A community for technical news and discussion of cybersecurity and closely related topics.

founded 4 years ago

MODERATORS

gfjzjcx@lemmy.ml