Can i use LetsEncrypt in localhost?

devilwork · October 26, 2016, 7:00pm

I would like to use ssl encrypt in my website, but im already in the develop proccess, i had purchase the domain ‘.uy’(TLD) and a VPS(with debian 8) in hetzner but for a while in working on it in a local environment with a ubuntu16.10 and apache installation with virtualhosts.

i have the following configuration in my local environment

<VirtualHost *:80>
    ServerName mydomain.dev
    ServerAdmin staff@mydomain.dev

    DocumentRoot /var/www/mydomain.dev

    <Directory /var/www/mydomain.dev/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>

</VirtualHost>

and then because ‘mydomain.dev’ doesnt exists i put it con /etc/hosts
you know 127.0.0.1 mydomain.dev

in terminal with cerbot

./certbot-auto

i get this error, i know is because 127.0.0.1 isnt a valid ip address but i have to say im more a developer than a sysadmin

Failed authorization procedure. mydomain.dev (tls-sni-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for mydomain.dev

is a bit uncommon what im trying to do but just asking if exists some 'trick’
thanks.

warning: my english can be horrible xd

serverco · October 26, 2016, 8:00pm

You can not get a certificate for mydomain.dev (when it doesn’t really exist), No.

If you own domain.uy then you could get a certificate for dev.domain.uy if that helps ?

schoen · October 27, 2016, 8:19pm

Also, after the certificate has been issued, you can install it on your own machine and use it in localhost connections.

An alternative that doesn't require a certificate authority at all is to make a self-signed certificate for dev.domain.uy (or, if you prefer, mydomain.dev), and install it in your server on localhost. Then the first time you connect to it, add an exception in your web browser to tell it to trust that certificate. After that, you can use the self-signed dev certificate within your own machine without getting a certificate error.

leader · October 28, 2016, 6:44pm

As mentioned above, self-signed certificate is a way to go with this. In fact, in that case it would work even without the domain name, just with an IP. They are easy to create, but if you are having any troubles, you can create one in one click here (just enter that non-existent domain or IP into the top field).

system · November 27, 2016, 6:45pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.