Also: set up a web site on a private network, which works without modifying every browser/OS that needs to access it (e.g. installing a custom root cert), and which doesn't depend on a third-party organization. (e.g. a CA)
This will still be a problem even when you can get free domain-validated certs from Let's Encrypt. That's still an outside dependency for a private system.
This will still be a problem even when you can get free domain-validated certs from Let's Encrypt. That's still an outside dependency for a private system.