|
|
Today I spent quite some time on IPv6, but it's still pretty cool to directly access the internet with it. The problem is that my home broadband can't bind to domain names, so even if I use IPv6 and port forwarding, the domain name gets blocked when I try to access them through IPv6.
So I decided to just use an IPv6 address for all my access points, and forget about binding domain names altogether. However, since IPv6 doesn't have certificates, remote access always prompts me to use insecure methods like TLS/SSL, which makes me crazy. So I signed my own certificate, imported it into my local CA, and used it as the certificate for https services. But after trying for a while, it didn't work because I had to specify the domain name in the certificate too, which caused issues. I tried using wildcard characters (*) as a way to bypass this issue, but it didn't work either, and the browser still said "untrusted". After searching for information, I found out that only *.xxx.com is trusted by most browsers, not whole domains or IP addresses. Then I tried using IPv6 as the certificate domain, and the browser finally accepted it. However, IPv6 is dynamic, so I can't renew it every time the IP changes, which is really annoying. |
|
发表于 2024-8-18 20:50:35