I’m just so annoyed of fighting this all the time.
If I can’t figure this out I’m going to disable all https redirecting and all certificate errors off so I can have some peace
EDIT: I do not wish to manage certificates I do not want to setup private key infrastructure I don’t want to use real internet domain names I don’t want to manually install certificates into browsers after fishing them out of my ephemeral virtual machines
I just want to, add exception for *.lan for https auto redirect and auto-accept self-signed certificates as valid. This is not much to ask.
You can get rid of the certificate errors by adding your CA to Firefox. Just make sure you keep the private key secure.
Set
browser.fixup.fallback-to-https
tofalse
to stop Firefox from trying https if http doesn’t work.But honestly, you shouldn’t need to do this, you can just use LetsEncrypt to get a real cert. Here’s what I do:
Boom, you get all the benefits of a proper TLS setup, along with all of the benefits of local traffic. You can even turn off external access to the services between cert renewals.
worth repeating the KEEP YOUR PRIVATE KEY SECURE part if you’re trusting a root - if you trust a root, it may be able to issue a TRUSTED cert for other domains - mybank.com, etc and leave you open to attack