Haha. Shooting your feet with HSTS (in a small way): When you set up a domain with HSTS, you can't just run some random other web service with a self-signed certificate on an arbitrary port.


@galaxis You need a reverse proxy on another machine, firewall 8080 to 433 proxy - proxy to 8080 target machine. Nginx proxy manager does that for me with HSTS

@adrian I'll add a reverse proxy for the search UI on a standard port in the long run, but in this specific case, the YaCy web interface and peer communication needs to be available on port 8090 and 8443 for other nodes to be able to talk to it.

A quick workaround to access the admin and search UI from the outside is either using the IP address of the host, or adding another CNAME that's not tainted by HSTS (or use a private browser window that doesn't know about cached data).

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!