Hello everyone. Need some opinions here. Does it worth all the trouble to make things like jellyfin and immich run with HTTPS for services that are only accesible in the LAN? I ask it 'cause, as far as I know, there is no way to put a valid certificate like let’s encrypt for a service that is not accessible from the net and I don’t plan to buy a certificate for myself. But I have some trouble with the rest of my family having issue with their browsers complaining about the lack of https every time a browser is updated. So, what would be the best solution?
I had a Let’s Encrypt for an internal domain for a while. It was a wildcard subdomain of one of my external domains. *.x.y.com I created it by setting up a temp webserver and creating it from there. I ran into internal issues because I also had hairpinning for some services and not others.
Alternatively, you could do your own CA with something like EasyCA. You’d have to add the CA cert to all devices, but once you do, you have full control to create any certs you want.