Answer the question
In order to leave comments, you need to log in
Does self-signed SSL certificate for local IP work through NAT?
In the short term, I will need to implement the following task:
there is a physical server in my network. It has its own permanent local IP. There is a web server running with HTTPS. The certificate is self-signed to the same local IP. This root certificate is added to working browsers and everything will work.
But there is a completely different network. There, through NAT, requests go to this physical server with HTTPS.
Currently, everything works without encryption over http, but you will have to do https as I described.
So here's the question. Will browsers from another network swear at this self-signed certificate, even if it is added to the allowed ones in the browser? After all, the IP for the browser will be different from the address in the certificate? And what is the best way to set everything up?
Of course, it is not critical that browsers will swear at the certificate, but I want to do it well.
Answer the question
In order to leave comments, you need to log in
If the certificate is issued in the name (which is done in 99.9%), then the browser does not care about the IP, it checks the name in the certificate with the name in the request, and add it to the trusted ones. There are certificates for IP, they are very rarely issued, but the most understandable thing you can do anything. If the certificate on IP - will not work, will yell.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question