On Tue, 2021-06-01 at 13:02 +0100, Peter Humphrey wrote: > > So what would you recommend for someone in the case Joost cites? I'm in that > position, being a home user of a small network but no registered Internet > name. >
A self-signed certificate combined with a browser extension that lets you "pin" it. With pinning, you can keep your browser usable on the WWW while still rejecting any forged certificates for your own hosts. The end result works pretty much like SSH keys do.