How to create a trusted SSL certificate for a local .local domain?

B

Bodriy11111112020-05-05 01:32:10

linux

Bodriy1111111, 2020-05-05 01:32:10

There are two domains in the local network aaa.local and bbb.local registered on Bind9. Apache2 server. Domain names are directed to it and everything works fine, but only via http. How to create a trusted SSL certificate for a local .local domain?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

alfss, 2020-05-05
@alfss

https://ru.wikipedia.org/wiki/%D0%A1%D0%B0%D0%BC%D...

C

CityCat4, 2020-05-05
@CityCat4

There are two options:
- issue a couple of self-signed certificates and place them everywhere in the trusted certificate store
- create your own CA, issue certificates in it, and place the CA certificate everywhere in the trusted store
Well, or if there is a lot of unnecessary money:
- order the "corporate PKI" service and issue certificates eventually signed by one of the world's CAs

A

Alexander Karabanov, 2020-05-05
@karabanov

The .local zone is reserved for zeroconf and other Bonjours so don't use it
( https://en.wikipedia.org/wiki/.local)
Change it to some .lan or .mycompanyname before it's too late
As for certificates, use self-signed ones as suggested higher.
In other matters, you can use the https://www.freenom.com/ service and register yourself a free second-level domain (even for a year), with a free renewal (the main thing is not to forget to renew) and issue a full-fledged certificate using Let`sEncrypt.