Until now, I can't quiet get to the bottom of this.
Long time ago, talking about within intranet or home network, I came to conclusion that there is no way around this.
Wanted to revisit this, hoping someone could tell me a short answer.
Within a close network, like my home network.
Is there a way to tell browser that website (ignition gateway) from my home server is safe?
Fundamentally, there are two criteria to satisfy to be "secure":
Use HTTPS, which is encrypted and checks the endorsement (signature) of the web site's encryption certificate, and
Offer a signed certificate, possibly with intermediate certificates, where the ultimate endorsement is by a "trusted" certificate authority.
That's it. The devil is in the latter part's details:
Browsers are pre-loaded with a set of trusted authorities by the browser supplier.
Additional authorities can be added by users, in most cases. (Mobile devices make this difficult.)
So there are two paths you can take:
Get a certificate signed by one of the pre-loaded authorities. Most of these require $$. But Let's Encrypt is one that does not require $$.
Create your own certificate authority, and sign your own server's certificate with it, and load this custom CA into all of your users browsers.
Thanks for the quick response..
At least now, I know how to communicate to an IT.
This is the type of lessons I soon will understand, then forget it once again.
Probably I fail to grasp the handshake going on..
And this stuff, if find it hard to relearn.