this post was submitted on 29 Jan 2024
56 points (96.7% liked)
Sysadmin
7688 readers
612 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Please no
It would be nice to figure out a way to get local SSL certs for .lan and .local domains though.
I just use a subdomain of my main domain and use dns validation of let's encrypt.
That requires outside authentication though. I think it would be cool to incorporate some SSL into dhcp
That will never happen. SSL is based on trust, and the trust root will never blindly delegate to whatever happens in random LANs. Subdomain is 100% the right approach for internal network.
It can and has already happened. You can make your own root ca. Internal domains need internal root cas. Is it a pia to setup yes. Do I have it installed on my unrooted android phone and linux computers? Yes.
Edit: I didn't see the dhcp part. But you can still make your own root ca
op was obviously referring to public root CAs
I didn't get that
and IT'S OK, we don't want you to burn out
I'm already burnt out. Womp womp
go outside and pet a dog
Rare here but I'll try and find one
The maintainers of DHCP can't even be bothered standardising a query to check if an address is currently in use, doubt they could take on being a CA at the same time
Time for your own CA
What's wrong with it?
Internal is 8 letters while lan is three
You can do this, I already use .internal and you can male your own root ca and make your own certificates with that