I am just starting to investigate setting up Let’s Encrypt for our Desktop Central server. This server is installed on a Windows 2012 server. I believe it runs on Apache. Right now it only has an internal domain with a .local as it’s not set up for external internet access. Has anyone set up Let’s Encrypt on Desktop Central? Again I’m brand new on this so looking for some guidance or just confirmation that it’s even possible.
you can't create a certificate with .local as the last part of the domain name.
If you want a public trusted certificate, you need a public visible domain name which ends with an entry of the Public Suffix List:
https://publicsuffix.org/list/public_suffix_list.dat
The domain name must be unique - worldwide. So Letsencrypt is able to check you are the owner of that domain.
We own itcuso.com which is accessible world wide. Currently that website is hosted at GoDaddy. Could we use that domain?
Yes, that's the typical situation.
Create an A (ipv4) or / and an AAAA (ipv6) DNS record with the ip address / addresses of your server.
Then update your server that a running webserver answers, if you go to
http://itcuso.com
with your browser.
Currently we have www.itcuso.com. So would we make a wildcard cert with Let’s Encrypt so it works for the www.itcuso.com and any other combinations like https://dc.itcuso.com which doesn’t exist yet? Is there a guide for setting up Let’s Encrypt for a scenario like this? Appreciate your help.
If you want a wildcard, you must use dns-01 validation.
So you don't need a running webserver, instead you have to create a dns TXT entry.
Start there:
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.