How can I get a *.my.ionosdomain certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: my.Ionosdomain
pointing to my myfritz domain with cname
I ran this command: get SSL certificate with NPM

It produced this output: no wildcard certificate without a DNS Challenge

My web server is (include version): wan to use it for reaching my VMs and Synology devices internally

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: IONOS

I can log in to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

The problem is the DNS Challenge


there is no IONOS

Pls help to get a certificate to get rid of the "This site is not secure" when going to a local IP

Hello @Witzker,

I suggest switching DNS Authoritative Name Servers Provider to one that supports the DNS-01 Challenge.

Note name servers provided typically does not have to be associated with the registrar nor the hosting provider, however they are often all the same for many domains & web servers.

This list is possibly getting stale but still useful

2 Likes

different acme client lego/acme.sh have it:

2 Likes

And here is one for Certbot

2 Likes

Please note that no certificate from Let's Encrypt will do this--Let's Encrypt certifies domain names (and in the future, public IP addresses), not local IP addresses. You'll need to go to a domain name that matches the certificate to avoid this warning..

2 Likes

The easiest thing when your DNS provider is not supported, especially for home labs etc is to use acme-dns and use their free hosted service (which is hosted on a best-efforts) basis. You can debate the security of that (having a 3rd party complete your challenges), but it's convenient.

When you use that you will be asked to set a CNAME record in your DNS pointing to that service, thereafter DNS challenges will be completed using that service.