DSMaVie
commented
9 months ago Moving this to the next milestone, as this probably solves many security risks but is not necessary outright.
Closed DSMaVie closed 7 months ago
DSMaVie
commented
9 months ago Moving this to the next milestone, as this probably solves many security risks but is not necessary outright.
DSMaVie
commented
7 months ago As it turns out this is a non-issue
Authentik needs a certificate for all sorts of signing. By default, this is a self-signed certificate from authentik. This has made some problems, i.e. the wp extension we use tries to verify the integrity of the ssl cert which it cannot when authentik self-signs. This can easily be remedied when we add a small certbot that feeds authentik a lets-encrypt cert for that reason. See https://goauthentik.io/docs/core/certificates/.