Letsencrypt works really well for our applications as long as they have a fqdn. However we would like to encrypt our internal traffic - preferably with the same certificate - as well. In kubernetes you can connect to an internal service by using just the service name. Unfortunately that causes the url not to match with the domains in the certificate.
Would it be possible to allow just a hostname in the certificate as well without this compromising security because you obviously don’t “own” the domain.
For example, we have these 3 applications on different environments:
But internally they can all be accessed by other applications using just https://application/. Can this be done?