I earlier write that I saw only duct tape-ish ways of getting HTTPS over a LAN. At least one implementation was mentioned, a self-signed certificate that all computers on the LAN would be made to accept.
I saw another, arguably cleaner way to get HTTPS over a LAN. Make a website, perhaps a bare stub to minimize surface areas to vulnerabilities, publicly, at https://library.xyz.com. Then cron a copying of the certificates from the public site to a server on the LAN. Then set a local DNS (or, worse, hosts files) to assign library.xyz.com the local network IP of the net. This would seem to sidestep at least some of the security implications for having a library server on the public network. -- Unworthy Br. *Christos Hayward*, author and apologist, and more importantly novice at *St. Demetrios Orthodox Monastery <https://virginiamonks.org/>* (monastery webshop <https://virginiamonks.org/collections/all>). I invite you to visit my *author site* <https://cjshayward.com> (author bio <https://cjshayward.com/author/>, bookshelf <https://cjshayward.com/books/>). One title is Happiness in an Age of Crisis: Ancient Wisdom from the Eastern Orthodox Church <https://cjshayward.com/crisis/>. My most recent posting is a purchasable "How do I love thee?" shirt <https://cjshayward.com/how-do-i-love-thee-shirt/>. _______________________________________________ Koha mailing list http://koha-community.org [email protected] Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
