However, if you’re going the self-signed certificate route, consider to make your own mini-CA with root-CA + intermediate CA added in your trust store on every device and all your services behind a reverse proxy. The only thing you need to worry about is the certificates’ validity !
They even have a full tutorial on it here.
However, if you’re going the self-signed certificate route, consider to make your own mini-CA with root-CA + intermediate CA added in your trust store on every device and all your services behind a reverse proxy. The only thing you need to worry about is the certificates’ validity !