Our team now needs to do confidential projects. We want jitsi to run completely on the internal network, we do not intend to use the domain name, so generate a self-signed certificate for IP 192.168.*. *, the mobile terminal can not access. what should I do?
Mobile browsers won’t accept selfsigned certs.
In theory, you may buy a valid ssl cert for a private domain/subdomain and use that, then on your local DNS just point that domain/subdomain to the correct LAN IP address, and that’s it.
As long as the SSL certificate is valid (you may buy a 2 year cert), then you’ll be able to use mobiles.
I’ve done some projects with IoT devices that need such scope, is not perfect but it works at least for the next couple of years.
Haven’t try it on jitsi-meet though.
Thanks for your reply, I consulted a Certifiicate Authority, They does not generate a certificate for LAN IP, our team does not have a public network IP, Because it is not safe.
Do you mean generate a public IP or domain certificate, and then set up a DNS server on the local network, Because we can’t connect to the Internet.
If you are using it only on the internal network, you can issue a certificate yourself and trust it. You don’t need external CA if you are not going out at all. Certificates are about trust – you trust your own CA, so no problem.
You can set up your own CA and then install its root certificate on all your company devices that will be using the internal deployment of Jitsi Meet.
Then you can issue a certificate either for the internal DNS name or for the local IP and it will work.
Thank you for your reply,I probably understand what you mean.
Is there code that has guidance?
A lot of info in the Internet, it’s a general topic, not jitsi specific, here are few examples:
and something more detailed:
As long as your ssl is valid, your application will work, even when you have no access to internet. Otherwise mobiles will fail/not work.