I want to host a Vaultwarden (or Bitwarden if necessary) instance, but it keeps asking for a domain and a SSL certificate. I dont own a domain and dont want to enable port forwarding on my router to expose it to the outside.

Is it possible to host a instance only internally and access it via the IP or a domain set on my local DNS? How about SSL is it possible and/or necessary?

    • icedterminal
      link
      English
      422 days ago

      TLS.

      While technically you can use TLS with a self signed certificate, it creates additional problems with a public facing service. Only recommended for internal services.

        • icedterminal
          link
          English
          320 days ago

          Some self hosted services refuse to work if you use a self signed certificate with your public facing IP. They only allow self signed certificates when using one of the handful of private addresses.

          Some apps on mobile devices for the service you use won’t work unless a trusted certificate is used. A self signed certificate behind the scenes creates an error that isn’t handled and you can’t connect.

          You lose the ability to have a proxy in front to handle abuse so your server is spared the headache. You need a domain to do this.

          • @interdimensionalmeme@lemmy.ml
            link
            fedilink
            English
            120 days ago

            That’s an ecosystem defect that you need a dns name paid subscription to use “institutionally sanctified” certificates.

            My stuff should be made to still work in the apocalypse when San Francisco and Silicon Valley are underwater radioactive craters.

            • icedterminal
              link
              English
              119 days ago

              It’s an industry security standard. Not a defect. If you don’t agree with it, fork the software and modify it to suit your needs.