End-To-End Encrypted (EE2E) Websites? - eviltoast

Is there a way to develop and website using JS (and perhaps PHP) to create an E2EE website. Were all packets sent between the server and the userw device are E2EE, wrapped in a layer of encryption?

I know there is HTTPS but I am looking for something stronger than HTTPS.

By using some JS or PHP E2EE package, would I have to write or structure the website code very differently than you normally would?

  • trymeout@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    10 months ago

    I may not have a domain name, and therefore no HTTPS, just HTTP only and can only connect by knowing the IP address and port number.

    • Lmaydev@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      10 months ago

      I feel like you should just use a reverse proxy tbh.

      Is it internal? Because otherwise this is a super bad plan

    • towerful@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      And you cant use self signed certificates because?
      They provide the same level of encryption. The benefit of a domain and a trusted CA issued cert is that browsers/os will automatically trust that the server is who its said it is (ie you dont get a warning).

      But if you import your servers root CA to your OS, then your OS (and browser) will automatically trust any cert issued using that root cert, thus you dont get a warning.

      With or without a warning, it will still encrypt at TLS1.3