i am a noob so i come right here for some advise.
I work/assist at a non-profit organisation in IT.
We bought a webserver rented by a internet hosting supplier (all-inkl.com) the place we bought a number of domains hosted that are protected through a trusted ssl certificates. In it one can see our private info which is nice due to the general public site visitors the positioning will get and for options like donating aso.
On the native server facet I used to be evading implementing a trusted ssl certificates for safety causes.
We bought a static ip deal with the place worker can entry our Synology Diskstation, a Ubuntu Server internet hosting a Passwork (a password supervisor app), a VPN Server and Proxmox.
The thought behind not utilizing a trusted Cert was, that solely staff entry this “personal” community. The staff know the IP and know what they’re connecting to. Since there needs to be no public entry the Cert should not reveal one thing about what community/organisation the static ip belongs to.
We bought a number of makes an attempt per day of bots attempting to get in. I feel that it would not assist in the event that they see the corporate identify within the cert which might be sufficient info to focus on particular firm emails aso.
- btw please educate me if my logic behind that is flawed.
There was no downside with this answer (simply added the certificates manually to the native machines).
However now I got here throughout “GetStation”. The app appears actual promising and bought the potential to ease a a lot of my administration on how one can create digital surroundings for the workers.
In Station one can add companies for the Diskstation, Passwork and possibly Proxmox however now i bought the issue that station wouldnt let me connect with my Servers since they’re self-signed certificates.
I actually need to attempt GetStation together with the workers solely server/companies.
- Is there a strategy to create trusted certificates that will work with station with out exhibiting our organisation?
- Ought to i be excited about utilizing a trusted certificates for the native personal server?
- Is there one thing cheap about my considering or do u assume my logic is flawed?
Many thanks and all the perfect!