*Secure by Default* Automatic HTTPS setup and management - Question about SSL/HTTPS

[jp978]

Hello, I may be in a bit deep for my knowledge level, but I recently got a pretty nice little NAS and figured why not try to host a c2 server on it.

 

Just curious as to what is meant in the "Cloud C2 Features" section when it says: "Secure by Default Automatic HTTPS setup and management".

 

I have set up a domain and pointed it to my IP using cloudflare and portzilla. It works, and I know cloudflare's "flexible" SSL option uses LetsEncrypt to provide security between the user and cloudflare, but not from cloudflare back to my server.

 

I was looking into figuring out how to generate a certificate and putting it on the server so that everything is encrypted. Is that necessary?

Thanks for any and all help!

 

[jp978]

Actually thinking back, the reason I even thought about using a domain name was because when I originally tried to login, my browser told me it wasn't secure and to be careful when inputting credentials. 

Then researching LetsEncrypt, I believe I read it only works with a domain name.

 

It probably makes more sense not setting up a c2 server with a domain name, right?

 

Maybe I have some fundamental misunderstandings with what I am doing lol. I am new to alot of this, particularly the web stuff.

Nonetheless, if anyone could shed any light, information, or point me in a direction to get more familiar with anything related, it would be greatly appreciated.

 

 

Thanks again for your time everyone!