Replying to Avatar Enki

Wait a second, you can run your own private CA and it doesn't come off as a self-signed cert?

That I'm interested in.
Avatar
Dr. Hax 1y ago

Get ready to be disappounted. The only reason it doesn't come up as untrusted (for me) is because I've added my CA to my list of trusted CAs. So I only do this with internal services (local HTTPS services, SSH, etc.). The services are not just available to me, but I know all the users personally and they're all willing to install my CA.

For any public service, you're stuck with getting a cert from someone in the default list that ships with Firefox, Chrome, the O/S, Java, etc. That is, unless you are in a situation where you can get your clients/visitors to install your CA.

My public services use LetsEncrypt like most everyone else.

Reply to this note

Please Login to reply.

Discussion

Avatar
Enki 1y ago

Ah darn ok. I knew you could install your own root CA and use your own SSL certs in your own systems. I do that already. I thought you were talking about somehow, running a private CA that works for public things.