20
submitted 6 months ago* (last edited 6 months ago) by shiftymccool@programming.dev to c/selfhosted@lemmy.world

Hey all!

I have a bunch of services running on my home server and was looking to expose some of them publicly via Cloudflare tunnel. This is done and working great using the origin server certificate and strict TLS.

Up until now, I've been using self-signed certs internally but now I don't want to deal with the "proceed anyway" crap on browsers. I have Traefik set up to get certs from Cloudflare using DNS challenge and that seems to be working.

So, now my problem is: how do I switch between these certificates for the same URL when I'm internal vs public? I'd rather keep that traffic local if I'm at home, which is also working, I just can't figure out how to get Traefik to use the appropriate certificate depending on if the request is coming from my LAN or Cloudflare.

Any suggestions? Is there a better way to accomplish what I want to do?

EDIT: Looks like I'm just going full Cloudflare on this one, thanks for your help everyone!

you are viewing a single comment's thread
view the rest of the comments
[-] Decronym@lemmy.decronym.xyz 1 points 6 months ago* (last edited 6 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
CA (SSL) Certificate Authority
CF CloudFlare
DNS Domain Name Service/System
IP Internet Protocol
SSL Secure Sockets Layer, for transparent encryption

4 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.

[Thread #743 for this sub, first seen 10th May 2024, 01:55] [FAQ] [Full list] [Contact] [Source code]

this post was submitted on 10 May 2024
20 points (95.5% liked)

Selfhosted

40438 readers
247 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS