I have a domain that requires HSTS preload. I want to self host a few things using that domain (and subdomains), like nextcloud, pihole, and vaultwarden. How much of an issue is HSTS preload going to be if I do that? Will I need to set up a wildcard cert for everything? Or will it just work™️ because it’s internal or traffic is through a VPN?
I can’t find much about this so any help would be appreciated!
Google is the registry that owns the rights to the TLD. They require all of the domains they control to have HSTS preload enabled.
Then yeah, VPN or not, you’re going to need to enable TLS. What’s the issue with giving your subdomains a certificate?