I am trying to create a client-server architecture application in a private local area network. I plan to use HTTPS as the protocol between the client and server. Is it possible for me to use HTTPS in a private network without internet connection?
Asked
Active
Viewed 1,393 times
0
-
Yes. This post links to many others. https://security.stackexchange.com/questions/121163/how-do-i-run-proper-https-on-an-internal-network . Also see: https://security.stackexchange.com/questions/89319/creating-my-own-ca-for-an-intranet – Jedi Mar 15 '17 at 15:08
-
Depending on the confidentiality level that is required on your private network, you can also use HTTP... But anyway, HTTPS is fine once you have a TCP/IP network, be it connected to internet or not. – Serge Ballesta Mar 15 '17 at 15:16
2 Answers
2
Yes. Is there any reason you think this wouldn't work?
Josef
- 5,903
- 25
- 33
-
Most of the applications I've read that uses HTTPS are websites (internet). I was wondering if I can also create HTTPS on lan (without internet). – No Limits Mar 15 '17 at 14:50
0
Alternatively to a private CA, if you don't require a great level of secrecy, you can use let's encrypt to issue certificates and use them locally. Your options for this might be:
- Port forward 80 in your router to your local server;
- Public a DNS TXT record temporarily so they can validate domain ownership and issue the certificates.
Let's imagine you've the domain example.org, you might want to have a server in your network with the subdomain server.example.org for internal usage only / inaccessible from the internet / no A record for that subdomain.
You can publish a DNS TXT record to your domain DNS server with the let's encrypt validation challenge, run the certificate request and then remove the TXT record once you get the certificate in your server. It will work and only expose the "for internal usage only" subdomain for a few minutes.
https://letsencrypt.org/docs/challenge-types/#dns-01-challenge
TCB13
- 217
- 3
- 7