I like Tailscale but I wish you could make the Android app always default to using a certain exit node when it starts. You have to enable the tunnel them go into the menu and select an exit node every time. It’s a pain.

With my Wireguard client I can just start it with a shortcut and be running in a second or even default to always on with no interaction, but it won’t tunnel over https like Tailscale will to get around restrictive network firewalls that only allow outbound port 443.

A certificate authority doesn’t have a copy of your private key, you send them a certificate signing request. The private key never leaves your system. That’s the whole point of public key encryption.

Check for Black Friday deals at mxroute. I signed up last year for $10/year.

My wife and kids can add things through Overseer without bugging me and it’s all authenticated with their Plex account so no extra user accounts to manage. I even use it occasionally to discover new things to watch. Plus it can just automatically add stuff from a user’s Plex watchlist if they discover things that way. Fantastic program.