• rushaction@programming.dev
    link
    fedilink
    English
    arrow-up
    10
    ·
    5 months ago

    Quite literally my first thought. Great, but I can’t issue certs against that.

    One of the major reasons I have a domain name is so that I can issue certs that just work against any and all devices. For resources on my network. Home or work, some thing.

    To folks recommending a private CA, that’s a quick way to some serious frustration. For some arguably good reasons. On some devices I could easily add a CA to, others are annoying or downright bullshit, and yet others are pretty much impossible. Then that last set that’s the most persnickety, guests, where it’d be downright rude!

    Being able to issue public certs is easily is great! I don’t use .local much because if it’s worth naming, it’s worth securing.

        • JackbyDev@programming.dev
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          So you can access your router’s config page without blasting your password in plaintext or getting certificate warnings. It’s an optional feature.

    • Railing5132@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Same thing we do with .local - “click here to proceed (unsafe)” :D

      Set up my work’s network waay back on NT4. 0 as .local cuz I was learning and didn’t know any better, has been that way ever since.