Okay, so I have been thinking that I should be encrypting. I have three devices that I access from outside of my own network over Web interfaces:
- a QNAP TS-231 NAS
- a Home Assistant server running on a Raspberry Pi
- a Remote Potato server running on my WMC DVR. (Yes, people still use WMC. )
I am not married to the idea of encrypting (3), but I would like to get (1) and (2).
Now, I’ve found tutorials, but they all assume you aren’t working from a domain and have you setting up through a DDNS service like Dyn or something, and they all assume you are doing one certificate for one machine and that’s it. Except I do have my own domain, which I have going to these machines through web forwards on my DNS service (ZoneEdit). So nas.mydomain.com redirects to mydomain.com:1234, and dvr.mydomain.com redirects to mydomain.com:9080, and so forth.
Last night I got my NAS set up through StartSSL after much trial and error, and then discovered that apparently the Internet (and especially Mozilla) hates StartSSL. So here I am at LE.
I kinda want to do this through LE to learn how to do it, and because it annoys me to see the warning that self-signing would produce.
So my primary question is: since everything ultimately goes through mydomain.com, do I even need multiple certificates or do I get one and install the same one on all of my devices? My secondary question is: what’s the best way to go about this?
Thanks much for any help!