Internal HTTPS names can break on a home Mac mini server

Internal need the browser address and the name to match. A for `lan.mydomain.com` and `*.lan.mydomain.com` works with `https://storage.lan.mydomain.com`, but it does not work with the short address `https://storage/`.

The network uses `dnsmasq` and Pi-hole for , and the DNS search domain is set to `lan.mydomain.com`. `nslookup storage` finds `storage.lan.mydomain.com`, but browsers still do not treat the short name as the .

The same behavior appears on Windows and Linux, and in Chrome, Chromium, and Firefox. Self-signed s or installing a private authority on every friend's PC would add more work and can be made worse by antivirus software.

Key points

  • A wildcard can cover `storage.lan.mydomain.com`, but not the short name `storage`.
  • search settings do not automatically make HTTPS checks pass in browsers.
  • The issue appears across Windows, Linux, Chrome, Chromium, and Firefox.
  • Installing a private authority on other people's PCs can be painful, especially with antivirus software involved.
  • For a Mac mini , simple and consistent internal names matter before sharing services with others.
Read original