Add Certificate to private network

Hi,

I have created a certificate thanks to Certbot and I have added it on the server.

As you can see, here is my conf:
[screenshot: 2017-09-25_14h58_53]

You can test: here

The web server access is also used by my private network.

Is it possible to use the certificate with my LAN?

Certificates are signed documents which say that an Issuer (in this case, Let’s Encrypt) promises that some particular Identity (in this case the Fully Qualified Domain Name pydio.ch-nevers.fr) has a private key corresponding to the public key listed in the document.

A web browser or similar software will examine certificates and check whether they’re signed by an Issuer it trusts, and whether the certificate is for an Identity it expected. For example when visiting a web URL starting https://pydio.ch-nevers.fr/ the certificate must have the name pydio.ch-nevers.fr exactly, not any similar name.

So, this will work very well on your LAN if you use the names for servers normally in addresses within the LAN. If you have some other name for the machines when seen from inside the LAN, or if you address them by number, the certificate is no good for this purpose. No publicly trusted CA will issue certificates that work for names or numbers that can’t exist on the public Internet like “myserver” or “hp-laserjet.local”.

It doesn’t matter why the names work - “split horizon DNS” or “I just typed the names into hosts.txt” are both fine, but if the full names aren’t used the certificate won’t match.

Does that help?

2 Likes
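The name check described in the answer above, as an added example that is not part of the original posts: it tests which names a LAN client might type are covered by a certificate's subjectAltName list. The SAN list (only the one name from the thread), the LAN names and the IP address are constructed sample values; the tuple format follows what Python's `ssl.getpeercert()` returns.

```python
import ipaddress

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def dns_name_matches(pattern, host):
    """Compare one dNSName SAN entry with the host part of the URL."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # A wildcard stands for exactly one leftmost label.
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels

def cert_covers(san_entries, host):
    """san_entries: list of ("DNS", name) / ("IP Address", addr) tuples."""
    if _is_ip(host):
        # A numeric address only matches an iPAddress entry, never a DNS name.
        want = ipaddress.ip_address(host)
        return any(kind == "IP Address" and ipaddress.ip_address(value) == want
                   for kind, value in san_entries)
    return any(kind == "DNS" and dns_name_matches(value, host)
               for kind, value in san_entries)

def audit(san_entries, names):
    """Map each name a client might use to whether the certificate covers it."""
    return {name: cert_covers(san_entries, name) for name in names}

# Constructed sample: a certificate holding only the public FQDN from the thread.
CERT_SAN = [("DNS", "pydio.ch-nevers.fr")]
# Constructed sample: ways a LAN client might address the same server.
LAN_NAMES = ["pydio.ch-nevers.fr", "PYDIO.ch-nevers.fr", "pydio",
             "pydio.local", "192.168.1.10"]

if __name__ == "__main__":
    for name, ok in audit(CERT_SAN, LAN_NAMES).items():
        print(f"{name:22} {'matches' if ok else 'name mismatch warning'}")
```

Only the full public name passes, so LAN clients need that name to resolve to the server's internal address (split-horizon DNS or a hosts entry) rather than using a short name or the address itself.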

Hi,

Thank you for your explanation.

That helps!

Malcolm
