How can I get a *.my.ionosdomain certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: my.Ionosdomain
pointing to my myfritz domain with cname
I ran this command: get SSL certificate with NPM

It produced this output: no wildcard certificate without a DNS Challenge

My web server is (include version): wan to use it for reaching my VMs and Synology devices internally

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: IONOS

I can log in to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

The problem is the DNS Challenge


there is no IONOS

Pls help to get a certificate to get rid of the "This site is not secure" when going to a local IP

Hello @Witzker,

I suggest switching DNS Authoritative Name Servers Provider to one that supports the DNS-01 Challenge.

Note name servers provided typically does not have to be associated with the registrar nor the hosting provider, however they are often all the same for many domains & web servers.

This list is possibly getting stale but still useful

2 Likes

different acme client lego/acme.sh have it:

2 Likes

And here is one for Certbot

2 Likes

Please note that no certificate from Let's Encrypt will do this--Let's Encrypt certifies domain names (and in the future, public IP addresses), not local IP addresses. You'll need to go to a domain name that matches the certificate to avoid this warning..

2 Likes

The easiest thing when your DNS provider is not supported, especially for home labs etc is to use acme-dns and use their free hosted service (which is hosted on a best-efforts) basis. You can debate the security of that (having a 3rd party complete your challenges), but it's convenient.

When you use that you will be asked to set a CNAME record in your DNS pointing to that service, thereafter DNS challenges will be completed using that service.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.