SSL Certificate help on local network

Hi team,
I’m a little stuck figuring out the best way to create a certificate for my application.

I have a web application (server) that I run on my hardware (windows PC). I connect to this and control my hardware from an iOS (Safari) browser via a local network.

I’ve tested self signed certificates and my application works well (I need SSL as I have things like geolocation that iOS needs ssl to support). The only issue with my self signed cert is that it shows a security warning and I have to click through.

I have dozens of these setups around the place, all 1 to 1 connections on local networks between windows server and iOS client.

I’m wondering what is the best certificate to buy, Ideally I don’t want to have these expire in 1 year as my devices are not always on the internet and might not be updated regularly and I don’t wan’t customer support issues down the track when certs expire.
Any thoughts on a CA provider that would support my needs?

Hello,

I’m not sure that you can do what you want, in order for your certificate to be validated it has to check with the CA I guess, I have similar issues , in this case you would need to buy a cert for 5, 10 years and forget about it and then route the traffic to that server to a domain that is same with the certificate but resolved locally .

For example buy a cert company.com and on the local dns you point your company.com to resolve 192.168.100.2 (the server ip) , this will work until the moment you need to renew it.

hope it helps

Just a heads up that this article / limitation may apply:

Maximum SSL/TLS Certificate Validity is Now One Year - GlobalSign

Thanks both,
I’m wondering now if I have control over the DNS, has anyone run utilities on Windows to resolve DNS calls locally?
I’ll keep poking around the net to see if their’s a solution to my problem, but I guess by definition, I’m trying to work around SSL security…

This article appears to discuss this issue:

true, I forgot about that one, thanks Tim