pacocascadero

joined 1 year ago
MODERATOR OF
[–] pacocascadero 6 points 1 year ago (1 children)

Don’t use internal domain, use standard domain + split DNS instead. Much simpler to handle certificates for internal services with ACME protocol.

[–] pacocascadero 8 points 1 year ago

This is the way for services not exposed to the internet. Thera are multiple DNS providers supported (I use Cloudflare personally). At the other hand if the service is published to the internet HTTP validation is very simple to configure as well. I have stopped using Nginx as a reverse proxy and use Traefik for conteinerised services or Caddy for the rest. Both proxies support ACME protocol out of the box.

2
Apple at Work community (self.newcommunities)
submitted 1 year ago* (last edited 1 year ago) by pacocascadero to c/newcommunities
 

Community for anyone dealing with Apple devices administration. Mobile Device Management (MDM), Apple Business / School Manager etc.

[email protected]