Can this service be used for internal web sites that are not accessible from outside the domain

Ok so I am new to this service, and I was wondering if Let's Encrypt could also issue certs to internal sites. We have a help desk site as well as a internal company portal.

Same question here.

Hello @sparksjoseph and @Kurgen, welcome to the Let's Encrypt community. :slightly_smiling_face:

Let’s Encrypt offers Domain Validation (DV) certificates.

For Let’s Encrypt to issue a Domain Validation (DV) certificate Domain Validation must happen
and it is a CA/Browser Forum Baseline Requirement .

Please read Certificates for localhost - Let's Encrypt

Also if you have a Domain Name you can get Certificates issued via the DNS-01 challenge of the Challenge Types - Let's Encrypt
DNS providers who easily integrate with Let's Encrypt DNS validation


Moved from Feature Requests to Help.


So, yes, Let's Encrypt can issue certs for internal sites--I use it myself for lots of applications that are available only on my LAN. But, as Bruce posted above, you must be able to pass one of the validation challenges, and one absolute requirement of any of those challenges is that you use a public domain name with public DNS records. So you need a cert for No problem. But helpdesk.lan or itsupport.internal won't work.


The most popular way to do this, is to use the DNS-01 challenge to obtain the certificate. That requires modifying public DNS records to handle the authorization. The HTTP-01 challenge can be used – but you will either have to let public internet traffic into your LAN, or obtain the certificate outside of the LAN and copy it over. That is quite a bit more work to automate.

After you obtain a certificate, you can either use local or public DNS to handle the routing.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.