SShortSingh.
Back to feed

How to Set Up Nginx Reverse Proxy with Internal SSL Using a Private Root CA

0
·1 views

A developer has published a technical guide on building an internal Nginx reverse proxy secured with HTTPS using a self-built Public Key Infrastructure (PKI), without relying on any public domain or IP address. The setup is designed for closed networks such as hospitals, schools, offices, and homelabs where public certificates are not applicable. Instead of a basic self-signed certificate, the guide recommends creating a private Root CA that signs a wildcard certificate covering all subdomains under a local domain. Browsers are configured to trust the Root CA, which in turn validates all certificates it issues, eliminating 'Not Secure' browser warnings. The guide walks through OpenSSL commands to generate the Root CA key and certificate, create a wildcard CSR, and sign it with a five-year validity period.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

KREO auto-generates REST and GraphQL APIs from SQL table definitions

A developer has launched KREO, a backend tool that automatically generates REST and GraphQL APIs as soon as a SQL table is defined. The platform aims to eliminate repetitive backend setup work such as building CRUD APIs, adding authentication, caching, and websocket support. KREO is currently free in beta, offering up to 100,000 requests per month with no credit card required. A read-only demo environment with pre-loaded data is publicly accessible without sign-up at app.kreo.work/demo. The creator is seeking community feedback on missing features and potential blockers to adoption.

0
ProgrammingDEV Community ·

Assigning Unique Run IDs to Each Test Eliminates Flaky Notification Jobs

Flaky notification tests often fail not because of email complexity but because workflows lack a single identity per execution, causing workers and checks to mix up messages across runs. A developer found that assigning one unique Run ID at the start of each workflow — and threading it through every component, alias, and payload — resolved most of these ambiguities. The approach replaces vague inbox-level checks with strict assertions tied to a specific recipient, event, and expected message count for that run. The same mental model applies beyond email, covering Slack alerts, webhook callbacks, and SMS checks that fail for identical reasons. When a job fails under this setup, the error clearly identifies whether delivery, metadata, or deduplication broke — removing guesswork from debugging.

0
ProgrammingDEV Community ·

Desktop Commander MCP Gives AI Agents Full Computer Control via OS APIs

Desktop Commander MCP is an open-source tool trending on GitHub with over 6,500 stars that allows AI agents to control a computer through structured operating system interfaces rather than visual screen recognition. The tool functions as a Model Context Protocol server, enabling compatible AI clients to perform filesystem operations, run terminal commands, manage processes, and execute code directly in memory. Unlike vision-based control methods that rely on screenshots and pixel coordinates, Desktop Commander uses precise API calls such as read_file and start_process, making it faster and more reliable. It also supports reading and writing common file formats including PDF, Excel, and DOCX without requiring dedicated software to be installed. The tool includes features like smart process readiness detection, ripgrep-powered file search, and fuzzy text matching with diff reporting, addressing common pain points encountered when AI agents interact with real codebases.

0
ProgrammingDEV Community ·

Developer Questions Whether Multi-Model AI Systems Can Truly Reduce Hallucinations

A developer building a multi-expert AI system — which routes user queries to several specialized models and aggregates their outputs — has raised doubts about whether the approach genuinely improves accuracy. The core concern is that if each individual model is prone to hallucination, pooling their responses may only make unreliable answers appear more credible rather than correcting them. The developer notes that testing such systems on known questions measures memorization, not reasoning, leaving performance on genuinely unknown problems unverifiable. While acknowledging the multi-model cross-validation concept is logically sound, the builder concludes the approach breaks down when the underlying models lack a baseline level of reliability. This reflection has prompted a new question: whether meaningful validation should occur within individual models themselves, potentially reducing data dependency and enabling a form of AI self-correction.