Mind that I am very noob into self-hosting, reverse proxies and the like
When I saw that Caddy automatically handled the HTTPS thingies I was like “this is my moment then to go into self-hosting”. Caddy seemed so simple.
Turns out… I am suddenly discovering that the connection between the caddy machine and the Home Assistant machine (both in the local network) is non-encrypted. So if another appliance in my local network went rogue… bum, all my info gets leaked… right?
This might sound weird because it might actually be super-duper complicated but… how come in 2025 we still don’t auto-encrypt local comms?
Please be kind. Lot’s of love. Hopefully I’ll dig my way to self-hosting wisdom.
You mentioned a book though… Now i’m curious ;-)
https://www.amazon.com/Demystifying-Cryptography-OpenSSL-3-0-techniques/dp/1800560346
It’s really a good book :) And the last part is all about a mini-ca for your homelab !
However, don’t use the ED448/ED25519 algorithm based certificates for TLS as mentioned in the example… They are still not supported by any browser !
If you can support the author, please do ! If you’re on a budget, it’s really easy to find in the piracy corner.