Comment by kelnos
3 years ago
Yeah, I've thought about having a CA for my home LAN services, and then have my phone and laptop trust that CA, but I'm terrified of the possibility that my CA could be compromised, and then someone could intercept my traffic to my bank or whatever.
So I just put up with clicking through the TLS cert errors every now and then.
I have a CA for home services and was worried about this, so I use name constraints to limit the domains that it is allowed to sign certs for.
This blog (not mine) goes into how to do it: https://systemoverlord.com/2020/06/14/private-ca-with-x-509-...
That's a neat idea! I looked into name constraints many years ago, and at the time, no common browser or TLS library supported it; glad to see that that has changed.
With ubiquitous support, I hope that one day we'll be able to routinely get "subdomain CA certificates" issued by something like Letsencrypt, just like it's already possible to get wildcard certificates.
Since when have TLS certs not been pinned to specific domains?
2 replies →
A DIY CA is pretty easy to airgap: keep it on hardware that isn't your daily driver and only has a minimal/secure OS with no network connectivity. Anything you have lying around can do it: like an outdated laptop or SBC.
Even just using a VM for the CA would likely be sufficient. Only fire it up for signing, then keep its storage encrypted. I do this on my Proxmox server.
This, to me, is worth it for local stuff. The trusted self CA certs are better than blindly trusting an invalid cert, and some browsers require trusted certs to autofills passwords.
I used to do the same, but these days, getting TLS certificates for local services is actually not that hard anymore.
If you have local DNS, you can e.g. request a wildcard subdomain Letsencrypt certificate and then distribute the corresponding key and certificate to your LAN hosts.
maybe just use LAN as it was intended? wired!? sounds as stupid as it get's to have something that can replace valid certs on your system.