Petter1@lemm.eetoSelfhosted@lemmy.world•ICANN approves use of .internal domain for your networkEnglish
1·
1 month agoJust use only VPN to access your services behind the reverse proxy, if you want prevent unauthorised connections.
CA certificates are not here to prevent someone accessing a site, they are here, so that you can be sure, that the server you are talking to is really the one belonging to the domain you entered and to establish a tunnel in order to send the API calls (html, css, javascript etc.) and answers encrypted.
And additionally, you can sign intermediate Certificates reducing the risk even more, since you can revoke and re-issue new ones any time.