@J12t
I've been thinking about this for a while - https://shkspr.mobi/blog/2017/11/theres-no-https-for-the-internet-of-things/
The only good answers are:
* Accept a self-signed certificate on your devices.
* Use the cloud.
* Get a domain name for your home IP address and do a lot of port-forwarding.
* Go IPv6 on everything and expose your internal devices to the Internet.
It is probably a very bad idea to have certificates for local addresses.
@Edent variety of ways to solve this. Personally, I want to be my own local CA for my own network. So I would get an official domain name, say home.example, get a cert for it (e.g. Let's Encrypt) for my gateway device, but that cert would have the flag set that allows it to issue its own certs. I use that to issue certs for the devices on my network, all of which get a DNS name like temperature.home.example.
Lots of pieces would have to be made to work, but doable I think.