ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Random Thread - Anything Goes

    Scheduled Pinned Locked Moved Water Closet
    time wastercat pics
    21.6k Posts 141 Posters 11.5m Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch @coliver
      last edited by

      @coliver said in Random Thread - Anything Goes:

      @hobbit666 said in Random Thread - Anything Goes:

      @coliver said in Random Thread - Anything Goes:

      This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

      Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

      Or just use HTTPS

      Why wouldn't Let'sEncrypt work? Do these systems not have access to the internet at all?

      That’s not how let’s encrypt works. LE has to reach back to the device you cannot port forward everything to everything. I fucking hate how people think that let’s encrypt is the master solution for SSL because it is not

      scottalanmillerS coliverC 2 Replies Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller @JaredBusch
        last edited by

        @JaredBusch said in Random Thread - Anything Goes:

        That’s not how let’s encrypt works. LE has to reach back to the device you cannot port forward everything to everything.

        Actually it doesn't have to do that. I manage internal systems that don't have outside reaching in access and LE still works. They have alternative methods just for that. In my case, they aren't web servers.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @dbeato
          last edited by

          @dbeato said in Random Thread - Anything Goes:

          @coliver said in Random Thread - Anything Goes:

          @hobbit666 said in Random Thread - Anything Goes:

          @coliver said in Random Thread - Anything Goes:

          This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

          Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

          Or just use HTTPS

          Why wouldn't Let'sEncrypt work? Do these systems not have access to the internet at all?

          Some devices are not online just internal and they wouldn't do HTTP confirmation but they could do DNS confirmation.

          That' what I do in that case. Works well.

          JaredBuschJ 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @hobbit666
            last edited by

            @hobbit666 said in Random Thread - Anything Goes:

            @coliver said in Random Thread - Anything Goes:

            This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

            Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

            Or just use HTTPS

            Why not just self sign? You are considering HTTP, using self signed is totally fine.

            1 Reply Last reply Reply Quote 1
            • JaredBuschJ
              JaredBusch @scottalanmiller
              last edited by

              @scottalanmiller said in Random Thread - Anything Goes:

              @dbeato said in Random Thread - Anything Goes:

              @coliver said in Random Thread - Anything Goes:

              @hobbit666 said in Random Thread - Anything Goes:

              @coliver said in Random Thread - Anything Goes:

              This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

              Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

              Or just use HTTPS

              Why wouldn't Let'sEncrypt work? Do these systems not have access to the internet at all?

              Some devices are not online just internal and they wouldn't do HTTP confirmation but they could do DNS confirmation.

              That' what I do in that case. Works well.

              If it is the system they can use the fully current version of certbot and also that your DNS provider has a plug-in that works with certbot.

              1 Reply Last reply Reply Quote 0
              • nadnerBN
                nadnerB
                last edited by

                6825BEAF-5EE4-40B1-A6CD-DD5E52CFA8BD.jpeg

                1 Reply Last reply Reply Quote 0
                • nadnerBN
                  nadnerB
                  last edited by

                  D8FEFCBE-0BF0-4B26-BE93-C0EBC244D14E.jpeg

                  1 Reply Last reply Reply Quote 1
                  • JaredBuschJ
                    JaredBusch
                    last edited by

                    This just passed me
                    5EF335C1-F4F0-4836-9F8D-F52381089571.jpeg

                    ObsolesceO 1 Reply Last reply Reply Quote 0
                    • nadnerBN
                      nadnerB
                      last edited by

                      1F84CEF1-0419-4E24-A80E-E34FB6D3DF99.jpeg

                      NashBrydgesN 1 Reply Last reply Reply Quote 1
                      • nadnerBN
                        nadnerB
                        last edited by

                        A5EDFBBD-7EDC-4709-BF88-D655DF11FB13.jpeg

                        1 Reply Last reply Reply Quote 0
                        • ObsolesceO
                          Obsolesce @JaredBusch
                          last edited by

                          @JaredBusch said in Random Thread - Anything Goes:

                          This just passed me
                          5EF335C1-F4F0-4836-9F8D-F52381089571.jpeg

                          Isn't that highly distracting and illegal?

                          1 Reply Last reply Reply Quote 0
                          • nadnerBN
                            nadnerB
                            last edited by

                            @RojoLoco i was reminded of your “Big orange idiot” comment from a year or so ago:

                            17F0E398-740C-4486-973F-4080A1E11F63.jpeg

                            1 Reply Last reply Reply Quote 3
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              20140955_45_600_1066.jpg

                              1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller
                                last edited by

                                20140955_44_600_869.jpg

                                1 Reply Last reply Reply Quote 1
                                • coliverC
                                  coliver @JaredBusch
                                  last edited by

                                  @JaredBusch said in Random Thread - Anything Goes:

                                  @coliver said in Random Thread - Anything Goes:

                                  @hobbit666 said in Random Thread - Anything Goes:

                                  @coliver said in Random Thread - Anything Goes:

                                  This was going to my answer. It's so easy to setup HTTPS that it makes no sense not to.

                                  Ok so next level. Use a Certificate from an internal CA? As you can't use something like Letsencrypt

                                  Or just use HTTPS

                                  Why wouldn't Let'sEncrypt work? Do these systems not have access to the internet at all?

                                  That’s not how let’s encrypt works. LE has to reach back to the device you cannot port forward everything to everything. I fucking hate how people think that let’s encrypt is the master solution for SSL because it is not

                                  There are tons of alternatives to this. Even having a single "public" system getting a wildcard and then pushing that cert to the systems that need it would be fairly easy to script.

                                  1 Reply Last reply Reply Quote 2
                                  • nadnerBN
                                    nadnerB
                                    last edited by

                                    2E099C01-2EF3-4316-A4AE-B431B705532F.jpeg

                                    1 Reply Last reply Reply Quote 1
                                    • nadnerBN
                                      nadnerB
                                      last edited by

                                      3fd054cc-5a1c-4eee-ab34-c5e65b6cbb1c-image.png

                                      1 Reply Last reply Reply Quote 3
                                      • nadnerBN
                                        nadnerB
                                        last edited by

                                        4dfec98b-ffb4-4ad4-a38e-a1cfc56f26ba-image.png

                                        scottalanmillerS 1 Reply Last reply Reply Quote 1
                                        • nadnerBN
                                          nadnerB
                                          last edited by

                                          aeed9d59-b81e-4710-8daa-fc091998ca80-image.png

                                          1 Reply Last reply Reply Quote 1
                                          • nadnerBN
                                            nadnerB
                                            last edited by

                                            7579ffd7-53a7-444d-b2ba-26becb8d9fe6-image.png

                                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 1078
                                            • 1079
                                            • 2 / 1079
                                            • First post
                                              Last post