hey Jack (good Name FYI)
we had spotted that and had Just tried to CNAME a domain we have to resindevice.io and passing the Device UUID intact. we had a Public DNS CNAME record for .example.com to .resindevice.io and no joy not even an invalid Common Name error from the Cert. I’ll retest as i need to get the CNAME reinstated as we have replaced that device now.
Ideally we would do this in production with a DNAME record.
i can see the reasoning behind using a reverse proxy but i would really like to see at least TLS Client Auth on the inside of the reverse proxy to resindevice.io TLS Server. sadly though that wouldn’t answer my concerns on Open https via public URL
The ability to do that and use a DNAME would be a graceful solution to accessing devices’s web interface as an end/nontech user. all without having to worry about things like inward permissions and NAT Traversal that are the standard on most networks today.
Jack