When i was trying to generating the certificate through ACME and after selecting the option for generate the certificate, it is asking for host name, so i provided the host name but it is giving some errors, so need help for this.
But in the hostname there is no any dot, so how to resolve it?
what domain name you want to sign for?
Let's Encrypt generates only Domain Validation certificates which in turn validate public domain names. You therefore must own or control a real domain, and that's the name that needs to be on your cert.
This is not a valid name to obtain a globally signed certificate for:
@Ravi_Prabhakar in trying to provide better answer can you share what isn't clear on this Help Topic of yours Can we generate the SSL certificate without any domain? that meant you needed ask for the Help of this Topic?
I do believe some critical small nugget of missing information is the issue at hand, I am trying to learn to see what small gems of information that the OP needs in a fashion to better help.
Let’s Encrypt offers Domain Validation (DV) certificates.
Thus you need to own and have control over the Domain Name (or have a subdomain under an existing domain name, for example pointed to your server by your employer or school) you wish to obtain a certificate for, from an ICANN Accredited Registrar.
For Let’s Encrypt to issue a Domain Validation (DV) certificate Domain Validation must happen
and it is a CA/Browser Forum Baseline Requirement.
Let's Encrypt uses Multi-Perspective Validation Improves Domain Validation Security - Let's Encrypt
Since these are Domain Validation (DV) certificates the Domain Name System (DNS) is used extensively in the validation process as well a allowing us to assist here on Let's Encrypt community.
DNS Queries need to give consistent results from any location on the Internet, all your authoritative DNS Servers for the Domain need to also give consistent results as well.
I want ot generate the certificate through WIN-ACME application, so how can i generate through that?
Step #1: Get a valid FQDN.
Well if the Certificate does not need to be publicly trusted you can setup your own ACME CA Server,
I think then you can choose non-FQDN (not positive).
Why? Why do you want a certificate in the first place, and why do you care that you get it using that application?
You can, as long as that local CA can resolve the name. Or you can just use the step CLI binary (edit: on a client system) to get and renew the cert, without involving ACME in any way. Though it's far from clear what OP wants to do with a cert.
What is FQDN?
Fully-qualified domain name. As you've been told repeatedly in this topic already. Why do you want a certificate in the first place?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
