I’ve chosen to avoid running a certificate server on my homelab. It isn’t that I don’t understand the importance of security – I do. It is just that the isolation and configuration of my network makes using something like Let’s Encrypt complicated and I have been unwilling to punch a hole in my firewall to make it easier.
The first step toward reversing my stance occurred over the weekend. I’ve decided to use XCA to issue local certs and see how far that gets me. As always, I’ll keep you posted.