Isolated LAN serving HTTPS

Even though I talk about WebRTC below, the use of a web server serving HTTPS (i.e. Caddy) in an isolated LAN seems to be my problem statement.

My fledgling company wants to provide outdoor teams the ability for group voice communication without the need of special handsets or antennas (just use an app/browser on their phones). The good news is they will all be within about 100m or so. The bad news, we’ve recently found out, is that cell coverage will typically suck or be nonexistent. In fact, I’m not even sure about back end internet at all.

So, my initial prototype with a cloud-based WebRTC API, which was working great, falls flat once backend connectivity is spotty.

My idea was to see if I could deploy local WebRTC server(s) on a laptop with the team. So, laptop, and all mobile devices on the same Wi-Fi signal. In theory, it seems this would work, as the laptop can be the signaling server, but I can’t break through the hurdle of HTTPS, trusted domains, etc…

If I was going to deploy this at scale, hundreds of teams would have their own isolated LAN WebRTC.

Any ideas on a) if this is theoretically possible/practical and b) a couple pointers on where to start?

I truly appreciate any advice.

Welcome, @bux225!

Sounds like a cool problem. I’m pretty sure Caddy can help you.

It sounds like your primary relevant question here is regarding “breaking through the hurdle of HTTPS, trusted domains, etc…” – in other words, using HTTPS on a field with no Internet access.

You can do this with Caddy 2, which has its own fully-managed PKI system. It “just works” if you simply turn it on. The problem is, it uses a certificate that is only trusted on that machine.

Caddy 2.1 will have an embedded ACME server which has the ability to issue certificates for any internal sites/services. You just have to get its certificate installed onto all the clients so they trust it. There are whole books that can be written about doing this, but Caddy is up to the task for sure.

2 Likes
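
A Caddyfile sketch of the setup described in the reply above, added here as an example; it is not part of the original posts and not configuration published by the Caddy project. The hostnames `voice.lan` and `ca.voice.lan` and the signaling server on `localhost:8080` are assumptions made for illustration.

```caddyfile
# Constructed example for a laptop on an isolated Wi-Fi LAN.
# Assumptions (not from the thread): voice.lan and ca.voice.lan resolve to
# the laptop on the local network, and the WebRTC signaling server listens
# on localhost:8080.

voice.lan {
	# Issue this site's certificate from Caddy's own local CA instead of a
	# public ACME CA, which is unreachable without Internet access.
	tls internal

	# Terminate HTTPS here and pass requests (including WebSocket upgrades)
	# to the signaling server.
	reverse_proxy localhost:8080
}

# Caddy 2.1+ only: expose the local CA as an ACME server so other services
# on the LAN can request certificates from it.
ca.voice.lan {
	tls internal
	acme_server
}

# Client trust: Caddy writes the local CA's root certificate under its data
# directory at pki/authorities/local/root.crt. Every phone has to install
# and trust that root, otherwise the browser rejects the certificate and
# the page is not treated as a secure context.
# Treat the matching root key in the same directory as a secret: anyone who
# holds it can mint certificates that those phones will accept.
```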