The term to look for is out of band management. Typically this will provide serial/console access to a device, and can often perform actions like power cycling. A lot of server hardware has this built in (eg idrac for Dell, IPMI generically). Some users will have a separate oobm network for remotely accessing/managing everything else.

Because there are a lot of people with different goals that conflict with each other? Which is true in lots and lots of other things.

It amazes me that so many people obsessed about self hosting everything use this service - really asking for it.

TY for mentioning/explaining scoping.

I didn’t say you were, I said you were asking about a topic that enters that area.

You’re entering the realm of enterprise AI horizontal scaling which is $$$$

deleted by creator

I thought I had a lot of RAM with 64

Import it into the trust store in the browser/OS. It should be the same (or very similar) operation for a self-signed cert and a CA that isn’t subordinate to the standard internet root CAs.

If you can’t import your own root CA cert then you’re probably screwed on both fronts and are going to have to use certs issued by a public CA that’s subordinate to a commonly trusted root CA.

My point here is that there’s little distinguishing a self-signed cert and a cert issued by your own private CA for most people that are self-hosting.

Trust the self signed cert. Works similarly to trusting a CA.

Running your own CA is essentially still a form of self signed. Though it will work better for some use cases (at the cost of more complexity)

You don’t need a public DNS record for https to work. You can just use public external certs as long as it’s for a domain you own. You don’t need to setup the same domains externally.

If you want certs for a domain you own, then yeah you’re looking at self signed.

You may be thinking like a programmer but the guy you responded to is thinking like a software engineer.

Wow works fine on Linux for me

Can’t argue with that. I’m glad you’ve found something that you enjoy.

Yeah, it’s always fun to find out that a standard looking util on osx actually requires weird args and syntax.

I subscribe to the arch news letter, and they email me about potentially breaking changes like 4 times a year. Usually I don’t have to do anything about them but it’s good to be aware of, just in case.

I stopped using grub after that pain in the ass

Encryption in transit even internally is a good practice. That said, op is making life hard by refusing to use DNS.

I feel like op is about to find out why businesses pay for cloud services.