I want to generate the SSL certificate but without using domain name because this is not for the web sites, this is for the application which runs on some kind of simulation server.
1 Like
Then you'll need to get it somewhere other than from Let's Encrypt--they only issue certs for public domain names.
7 Likes
So can we generate through the certificate through the ACME application?
What do you mean by "simulation server" here? Like a server that is used for system administration practice (simulating a public server on the Internet), or like a server that hosts some kind of simulation (like a strategy game or physics application)? What would the purpose of the certificate be?
4 Likes
The easiest way to get a trusted certificate via ACME is to use a real domain e.g if your company has the domain examplecompany.com you could get a certificate for internal-app-01.examplecompany.com. You would typically use DNS validation to achieve this (where a DNS challenge TXT record is updated in your DNS so that the CA can see it).
You can use ACME to get a certificate for a non-public website using:
- an internal/self-hosted certificate authority such as SmallStep step-ca and distribute that CA root certificate to client machines so that the certificate are trusted
- or you can just self-sign a certificate and have users trust it when they encounter it.
You don't mention whether the application is running on a windows or linux server but there are also tools you can use to integrate ACME and ADCS (to run an internal CA using Windows AD Certificate Services): GitHub - glatzert/ACME-Server-ADCS: ACME (RFC 8555) Server compatible implementation, connecting to Active Directory Certificate Services (ADCS)
4 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.