My company use .local
for intranet web services. I recently installed a GitHub Enterprise server thus available on github.mycompany.local
. Unfortunately it seems impossible to create a signed certificate on such extensions.
I would like to find a solution where I can use a trusty certificate accepted by both my web browser and my local Git without having to put my server into the DMZ.
What are the options?
Let's explain this with different words. A company would like to have intranet web services, but those services have to be secured with TLS/SSL. As they can't have a connection to the real world, they can't use any "standard signed certificate". How can they do this without giving up and chose between:
- Let's educate our employees to accept self-signed certificate each time they want to accept our web-services...
- Let's simply use HTTP. The login passwords will be exchanged in clear, but nobody will try to hack the company from the inside...