Securing my home's IoT comms


#1

Hi all

New to certificates so please be gentle… :slight_smile:

Can someone tell me please whether I can use Let’s Encrypt certificates to secure communication on my home network between devices?

Say I have the me.online domain pointing at the public IP of my home router, and have devices on the network set up as server1.me.online, server2.me.online, etc…

Can I have a separate certificate for each host’s fqdn?
Do I need one for each?
What’s best practice?

I’d like publicly trusted certificates rather than self-cert internal ones.

Many thanks


#2

Yes, if the device is using a public domain / subdomain and could complete challenges (either DNS or HTTP).

Yes, you could.

I don’t think you’ll need one for each. If all servers are on the same network, you could do a wildcard certificate.

It depends on your setup. If you have a “supported” DNS provider, you could do things automatically (without the need to edit your web server configuration file).

Also, if your servers are behind one IP (and using the router for port forwarding), you might want to apply for all certificates using one server, since Let’s Encrypt would only connect to port 80 of the IP and follow redirects after that.

Thank you
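
The wildcard suggestion in the reply above, as an added example that is not part of the original thread: it checks which hostnames a certificate's DNS names actually cover, using the usual rule that `*` stands for exactly one left-most label. The hostnames come from the question; `cam.iot.me.online` and the function names are constructed for illustration.

```python
# Added example: which home-network hostnames a certificate's DNS names cover.
# Matching follows the common RFC 6125 rule: "*" is only accepted as the whole
# left-most label and stands for exactly one label.

def name_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate DNS name (pattern) covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False              # a wildcard never spans several labels
    if p_labels[0] == "*":
        # the rest must match exactly, and the wildcard needs a real label
        return bool(h_labels[0]) and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def coverage(cert_names, hosts):
    """Map each host to the first certificate name that covers it, or None."""
    return {
        host: next((n for n in cert_names if name_matches(n, host)), None)
        for host in hosts
    }


# Hostnames from the question plus two constructed edge cases.
HOSTS = [
    "server1.me.online",
    "server2.me.online",
    "me.online",               # the bare domain
    "cam.iot.me.online",       # constructed: a host two labels deep
]

if __name__ == "__main__":
    for names in (["*.me.online"], ["*.me.online", "me.online"]):
        print(names)
        for host, covered_by in coverage(names, HOSTS).items():
            print(f"  {host:22} {covered_by or 'NOT covered'}")
```

A certificate for `*.me.online` alone leaves the bare domain and any deeper subdomain uncovered, so those names have to be requested explicitly. Let's Encrypt issues wildcard certificates only through the DNS challenge.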


#3

Can you be more specific on how they communicate and how they would authenticate themselves (to others and to each other)?