Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: my.Ionosdomain
pointing to my myfritz domain with cname
I ran this command: get SSL certificate with NPM
It produced this output: no wildcard certificate without a DNS Challenge
My web server is (include version): wan to use it for reaching my VMs and Synology devices internally
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: IONOS
I can log in to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I suggest switching DNS Authoritative Name Servers Provider to one that supports the DNS-01 Challenge.
Note name servers provided typically does not have to be associated with the registrar nor the hosting provider, however they are often all the same for many domains & web servers.
This list is possibly getting stale but still useful
Please note that no certificate from Let's Encrypt will do this--Let's Encrypt certifies domain names (and in the future, public IP addresses), not local IP addresses. You'll need to go to a domain name that matches the certificate to avoid this warning..
The easiest thing when your DNS provider is not supported, especially for home labs etc is to use acme-dns and use their free hosted service (which is hosted on a best-efforts) basis. You can debate the security of that (having a 3rd party complete your challenges), but it's convenient.
When you use that you will be asked to set a CNAME record in your DNS pointing to that service, thereafter DNS challenges will be completed using that service.