[Koha] One thing I realized

Tomas Cohen Arazi tomascohen at gmail.com
Sun Jul 24 07:25:44 NZST 2022


You can have the server on a DMZ and access it through a reverse proxy that
does SSL.

El sáb, 23 jul 2022 10:02, Christos Hayward <christos.hayward at gmail.com>
escribió:

> I earlier write that I saw only duct tape-ish ways of getting HTTPS over a
> LAN. At least one implementation was mentioned, a self-signed certificate
> that all computers on the LAN would be made to accept.
>
> I saw another, arguably cleaner way to get HTTPS over a LAN. Make a
> website, perhaps a bare stub to minimize surface areas to vulnerabilities,
> publicly, at https://library.xyz.com. Then cron a copying of the
> certificates from the public site to a server on the LAN. Then set a local
> DNS (or, worse, hosts files) to assign library.xyz.com the local network
> IP
> of the net.
>
> This would seem to sidestep at least some of the security implications for
> having a library server on the public network.
>
> --
>
> Unworthy Br. *Christos Hayward*, author and apologist, and more importantly
> novice at *St. Demetrios Orthodox Monastery
> <https://virginiamonks.org/>* (monastery
> webshop <https://virginiamonks.org/collections/all>).
>
> I invite you to visit my *author site* <https://cjshayward.com> (author
> bio
> <https://cjshayward.com/author/>, bookshelf <https://cjshayward.com/books/
> >).
> One title is Happiness in an Age of Crisis: Ancient Wisdom from the Eastern
> Orthodox Church <https://cjshayward.com/crisis/>.
>
> My most recent posting is a purchasable "How do I love thee?" shirt
> <https://cjshayward.com/how-do-i-love-thee-shirt/>.
> _______________________________________________
>
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>


More information about the Koha mailing list