that’s genius. i have never even considered that you could use a (sub)domain with a local ip like that to get a certificate from a trusted ca. i ma not sure i understand the neccessity for api access to your dns service. is the txt record for LE different every time you have to pass a challenge? otherwise i imagine you could just set and forget the record.
thank you for the explanation, well appreciated!
could you expand a bit on your edit? so bitwarden extensions need a valid ssl certificate for the domain where the server is hosted? how do you get that for (i assume) a local domain? thank you for your time!
i trust proton quite a lot, but the open source part seems to be only partially true. on their github, i can only find client side code (ie. browser extensions, mobile apps), not the server code, which bitwarden does publish
tbf it seems to be a common issue with search engines atm. brave also has the stupid ai response topmost, and startpage without adblock pushes in so many sponsored results that you need to scroll to get to anything else