I’d like to add that Dutch state news broadcaster NOS now offers Teletext though SSH. Just type `ssh teletekst.nl` and you can browse through all their pages.
They fully revamped their Teletext backend a couple of years ago to their own solution. They had archaic hardware still, and had to fly in some one from the UK (fully pensioned and well) to service it
An internal certificate authority would probably be the easiest option. Combined with MDM/group policy, you could tell most devices in your network to set up a trust chain of your own. From then on you can automate access by running your own ACME server internally to automatically hand out certificates to local devices.
The automated setup probably isn't very secure, though. Anyone can register any .local name on the network, so spoofing hostnames becomes very easy once you get access to any device on the network. Send a fax with a bad JPEG and suddenly your office printer becomes xvilo.local, and the ACME server has no way to determine that it's not.
That means you probably need to deal with manual certificate generation, manually renewing your certificates every two years (and, if you're like me, forgetting to before they expire).
I just got myself a proper domain name. You can get a domain for pretty cheap if you're not picky about what you get. You could for example register cottagecheese.download on Cloudflare for about $5/year right now.
I have my domain's DNS on Cloudflare, so I can use DNS verification with Let's Encrypt to get myself a proper certificate that works on all of my devices. Then I just have Cloudflare DNS set up with a bunch of CNAME records to .internal addresses.
For example, if I needed to set up a local mail server, I'd set mail.cottagecheese.download to have a CNAME record pointing to localserver.internal and then have my router resolve localserver.internal to my actual home server's IP address. So if I punch in https://mail.cottagecheese.download in my browser, the browser resolves that to localserver.internal and then my router resolves that to 10.x.x.x/32, sending me to my internal home server that greets me with a proper Let's Encrypt certificate without any need to expose my internal IP addresses.
Windows doesn't seem to like my CNAME-based setup though. Every time I try to use them, it's a diceroll if it actually works.
Either pin the appropriate server cert in each application or run your internal CA (scoped to that domain via name constriants) and deploy the root cert to all client machines.
If you're not setting up your own instance, make sure to help fund the instance you are using. Maybe it's on the about page or DM/Mention the server admin! They can tell you where to donate
I'm not really positive about the community made generator. The spec itself is great, but that's where it stops. Code quality is low of the generated clients and servers, the handlebars templates makes it hard to develop for and don't get me started about the PR reviews. Basically nothing happens.
We've given up and started to create our own generator. Even this is a hard thing to do as the available parsers in our language are horrible too.
I got access last month to the closed beta and it's indeed still very Barebones and buggy on Marcos. Although, they seem to be pretty active on the bug tracker, I think it will take some serious time before its ready.
They fully revamped their Teletext backend a couple of years ago to their own solution. They had archaic hardware still, and had to fly in some one from the UK (fully pensioned and well) to service it