You can have the server on a DMZ and access it through a reverse proxy that does SSL.
El sáb, 23 jul 2022 10:02, Christos Hayward <[email protected]> escribió: > I earlier write that I saw only duct tape-ish ways of getting HTTPS over a > LAN. At least one implementation was mentioned, a self-signed certificate > that all computers on the LAN would be made to accept. > > I saw another, arguably cleaner way to get HTTPS over a LAN. Make a > website, perhaps a bare stub to minimize surface areas to vulnerabilities, > publicly, at https://library.xyz.com. Then cron a copying of the > certificates from the public site to a server on the LAN. Then set a local > DNS (or, worse, hosts files) to assign library.xyz.com the local network > IP > of the net. > > This would seem to sidestep at least some of the security implications for > having a library server on the public network. > > -- > > Unworthy Br. *Christos Hayward*, author and apologist, and more importantly > novice at *St. Demetrios Orthodox Monastery > <https://virginiamonks.org/>* (monastery > webshop <https://virginiamonks.org/collections/all>). > > I invite you to visit my *author site* <https://cjshayward.com> (author > bio > <https://cjshayward.com/author/>, bookshelf <https://cjshayward.com/books/ > >). > One title is Happiness in an Age of Crisis: Ancient Wisdom from the Eastern > Orthodox Church <https://cjshayward.com/crisis/>. > > My most recent posting is a purchasable "How do I love thee?" shirt > <https://cjshayward.com/how-do-i-love-thee-shirt/>. > _______________________________________________ > > Koha mailing list http://koha-community.org > [email protected] > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha > _______________________________________________ Koha mailing list http://koha-community.org [email protected] Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
