Advices for certificate regarding my use

[smilorel]

Hello,

I am looking for some advice about certificate because I don't know very well this part.

I have one Proxmox node and several nodes like NginX PM, Wireguard, Adguard ...
Some of these nodes could be exposed to internet via NginX but others no (like my proxmox administration, my VPN ...). For those I would like to expose I can use NginXPM but how to deal with others ? I was thinking about autosigned certificate but I don't know if it's a good solution or not. If yes, is ACME could be a good solution to have one certificate and share it with my containers ?

All of this because I would like to use https ...

Thanks for your kind reply.
smilorel

 

[the other]

hey there,
I have not very much experience with certs as well...so beware!
Here (since nothing is exposed to the internet / nothing reachable) I go with self-sigend ssl certs (using cert manager of pfsense). It works okay, I use https in my lan and don't get annoying browser warnings and red lock symbols.
BUT: that only works internally, pure LAN usage.you could go and mix iE self-sigend with -lets-encrypt certs...but then, in case you need "real" certs (that are accepted fully by browsers and such) for using https, you could stick with iE Lets Encrypt....you'll need a domain (costs a bit yearly). Then you can request a wildcard cert. Those are said to work nicely with NginxProxyManager...using DNS challenge allows even to not open that 80 Port for cert renewals...
So: try to get into information about "wildcard certs" and "own domain for dns challenges" to find your own way with it... The more you know the better your decision for your own individual need.