Get certificate for internal website

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is :
I ran this command:
certbot certonly --webroot --webroot-path /var/www/html --renew-by-default --email myemail --text --agree-tos -d -d
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
Ubuntu 18.04 LTS

hello I am trying to obtain certificate for internal site, we can use manual or webroot command to validate stite ownership but with every method I am geting Name does not end in a public suffix error

Command i’ve tried is below

certbot certonly --webroot --webroot-path /var/www/html --renew-by-default --email myemail --text --agree-tos -d -d

sudo certbot certonly --manual --preferred-challenges http

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel):
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for “”: Name does not end in a public suffix

Hi @m.kapadiya


is your answer. You can't create a certificate with that domain name. A domain name must end with a public suffix - .com, .net, .de, .biz ...

1 Like

Is there anyway I can use for internal domain?
self signed certificate not working for some of browser so we want to use this

Yes, change your domain name to one that actually exists that you own and control the DNS for. Your machines don't have to be exposed to the Internet, just a DNS zone that you can write to.

As a publicly trusted certificate authority, Let's Encrypt must abide by the rules of the CA/Browser Forum. That means not being allowed to sign certificates for fake domain names.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.