I vaguely remember reading something about leaking your private network setup if you used Let’s Encrypt to generate your certificates.
Because of this when I installed my reverse proxy with caddy to handle my selfhosted home network I configured it to generate the certificates locally.
But this comes with the issue of the annoying warnings of the browsers plus being unable to connect to those devices/services which can’t ignore it.
Am I being too paranoid? Is there any real concern about generating the certificates with Let’s Encrypt for addresses which I don’t intend to have outside my private network?
I wrote about the problems last year
https://shkspr.mobi/blog/2022/01/should-you-use-lets-encrypt-for-internal-hostnames/
Cloudflared.
Archive version: https://web.archive.org/web/20230603110514/https://shkspr.mobi/blog/2022/01/should-you-use-lets-encrypt-for-internal-hostnames/
Not sure what you mean? I don’t use Cloudflare as a CDN.
When I visit the link with JavaScript disabled I get blocked by a site stating “Please wait while your request is being verified…” and then nothing happens even though the actual site behind that screen displays fine without JavaScript.
Are you using a VPN? Can you share a screenshot? I don’t use CloudFlare, but my host does block users which are from IP addresses which have previously been used for abuse.
Tor Browser on Android. It happens on multiple circuits with different exits. Not an image by me, but it looks like this: https://global.discourse-cdn.com/cloudflare/original/3X/c/3/c38eaed81c96ac19e4fd5a69d4257445b391927e.png
I don’t support TOR, sorry. I got to much abuse from it and its users.