I have a Raspberry Pi 5, and inputs are managed through a command window via SSH. OpenMediaVault is running on the Raspberry Pi, allowing me to manage various tasks. On the server, PLEX is running, which is the primary purpose of this setup. Access to the server is exclusively from the local network (192.168.x.x). When attempting to access 192.168.x.x:32400/web from third-party devices, a warning about an insecure connection is displayed. How can I integrate a certificate so that local devices recognize that this site is secure?
Let's Encrypt does not offer certs for IP addresses (currently, might change in the future) and even if it did, public CAs will never issue certificates for private addresses (nor private hostnames).
Thank you very much for the prompt response. Your answer aligns with my understanding regarding certificates. Personally, I am puzzled by the fact that my local network is considered insecure during local access, and it seems that I have no apparent way to change this. Are there perhaps any experiences or suggestions on how to label local pages as secure during local access without using a certificate?
Alternatively, you could perhaps set up a simple, small private CA, but that would entail distributing the (private) root cert among all clients using the local service(s).
Pages can only be considered secure when they are encrypted.
That said, the certificate used for encryption doesn't have to be globally signed/trusted.
As long as the local device trusts the cert [signer] being presented, that connection will be trusted.
So...
You could use a long-lived and self-signed cert in such cases.
It will be considered closed when you are no longer seeing an encryption security warning - LOL