| ▲ | Joker_vD 4 hours ago | |
Yep. You apparently need HTTPS for intranet resources too, or you can't develop/use web-apps in Chrome, and since no self-respecting CA would certify your localhost, internal homegrown CA it is, baby — and given the web runs on the lovely model "any CA can attest any website; okay, maybe CAA is not a bad idea"... | ||
| ▲ | NoahZuniga 3 hours ago | parent [-] | |
Even with CAA records, any CA can still create a cert for any website. So if you're worried about an untrustworthy CA, then this won't help you. It could make it less likely for a CA with buggy code to accidentally issue a cert for your domain. | ||