How to generate a certificate in a closed network?

I suppose that's a feature request.
I've seen three use cases of SSL certificates for HTTPS:

  • the domain resolves to a server with WAN, it's all right, certbot works
  • the domain has a CAA record - this is locked on purpose, move along
  • the domain resolves to a server without WAN - for security reasons.
    Meaning the domain name - if resolving at all - won't have an accessible WAN IP.
    It's somewhat similar to the localhost case, but also somewhat different maybe.

Any insight on that is welcome 🙂

If it's a public domain, DNS validation. If not, an internal CA. For the latter, see:


