owntracks with mutual tls

ᓰᕵᕵᓍ@lemmy.world to Selfhosted@lemmy.world – 12 points –

Managed to spin up owntracks with mtls on android-mosquitto connection also the browser-recorder webui connection I was unable to enable tls on the recorder-mosquitto connection. Just basic auth. But I think the setup is secure enough as recorder connects to mosquitto only in the local network

Please have a look

https://ippocratis.github.io/p/owntracks/

Thanks

3

You've added localhost to subjectAltName - that's really bad, as absolutely everything running on your machine will match it.

Thanks for pointing this out

Truth is only the domain you use to access mosquitto is needed in S.A.N.

localhost is a leftover from the countless trial and errors

Edited the post

also added source guides

Keep up