Thankfully, my network is more complex than most home networks. All my devices are set to ONLY work on my network. Wireless devices route through vpn to my network.
Thank you for the reply, either way.
I would love a better way to have a cert, a signed and proper cert, for my network, but I think the only choice is Let's Encrypt or whatever it's called now. I still am kind of leery about them. Some times, something that looks too good to be true, truly is. I will await the verdict in a year or so to see how they actually do.
So this runs to a different question: Any way to obtain a cert, for my network only, to authenticate my hosts and clients (At any given time, my network has ~25 clients, depending on which systems I have running at the time and which phones are powered on) before going out on that damn internet? I really don't want to pay for a cert, especially if it's fallible (Symantec.) -- Are they are any truly trustworthy ones left? Or should we just byte the bullet, roll our own cert and keep vigilant on logs (what I'm doing now)?