deleted by creator

While passing on american products in general is a good thing, not all products are equal. Signal is far better for privacy than anything in europe currently. Until there is a good option, supporting an open source non-profit company won’t give the US any profits from your usage. And that’s what really counts. To be honest, signal is the only safe system currently. What makes it unsafe is proprietary software on the clients it’s being used on like IOS or whatever android branch it’s used on.

We really should have something, especially as privacy in europe is really in danger with the chatcontrol agenda. We need both an operating system, and safe communication made in europe, and even more importantly, EU legislation that prevents things like chatcontrol even to be considered.

Thanks! I initially considered going the wildcard route until i saw the workload involved for my host! There does seem to exist autorenewal programs for the largest hosts out there but i’m trying to support my local businesses so it’s unfortunately out of of my scope at the moment, but i’ll checkout your suggestion and see what tailscale has to offer!

I’ve set up a reverse proxy to try out hosting a few APIs but i’m curious about best practice and haven’t found any good way to do it. Anyway, i have them running dotnet 9 on debian, and hosting them on http ports and then reverse proxying to apache that serves them externally with certbot on 443 to some real hostnames. I would really want to host them on https internally as well, but is there a neat way to “cert” them without an internal CA-service? My experience with self-signed certs are mostly that they always force me to trust the server cert in my connection strings, which is also unsafe so i just don’t bother. Is it worth working on and which is the best approach here?