Create a certificate for internal domain

Hi all, I would like to know how I can create a certificate with a local DNS name.

Thanks

What do you mean by "local dns name"?

Because a public CA can only issue certificates for hostnames that are in the public DNS.

2 Likes

I mean *.internal

That's not a hostname in the public DNS, so no Let's Encrypt certificate possible. Nor any other publicly trusted CA for that matter.

See Certificates for localhost - Let's Encrypt for possible solutions. Even while localhost might not be fully applicable, it also mentions stuff about creating your own certificate or even your own private CA.

4 Likes

It was created by someone earlier, and I have no idea how it was done.

Well, that common name is NOT *.internal but *.internal.uds.university. And uds.university is in the public DNS, so the subdomains of that domain are too. The fact that this subdomain is called internal doesn't matter.

In the future, please be more careful with your answers, as your previous reply was NOT complete and misleading.

It's perfectly possible to get a certificate for *.internal.uds.university using the dns-01 challenge.

uds.university seems to be using Cloudflare as their DNS service provider, making it quite easy to do. HOW this was done is another story however, as there are many, many different ACME clients out there.

3 Likes

Any ACME tools recommended?

Without knowing your needs, it's not going to be possible to make any recommendation. Take a look at this list and think about your use case. Maybe you will see one that matches your environment and other preferences.

3 Likes

Your DNS is Cloudflare, so you can use any tool that has a Cloudflare plugin for DNS challenges. You would need an API key which has write permission to that zone to create TXT records. The tool will then create/update an _acme-challenge TXT record for each subdomain you are trying to get a certificate for as a "challenge response" for the CA to validate your domain control.

ACME tool recommendations will depend on which operating system you will be hosting your service on; certbot is the de facto standard for Linux, but there are hundreds of tools.

1 Like