Is it possible to get Let's Encrypt certificate for private DNS records?

mails2mangesh · March 7, 2025, 5:32am

Is it possible to get Let's Encrypt certificate for private DNS records ?

linkp · March 7, 2025, 5:50am

Welcome to the Let's Encrypt Community.

It depends on what you mean by

If you mean valid domains that can be resolved by your public authoritative nameservers that are in use on a private network, the answer is yes with caveats. If you have a publicly accessible web server (or can map the same ports to host with a stand-alone ACME clientlistening), you could use HTTP-01, TLS-ALPN-01, or DNS-01 challenges. Otherwise DNS-01 is your only option. Note that the FQDNs in your certificates are publicly available in certificate transparency logs. You can use wildcard certificates to minimize that exposure.

Osiris · March 7, 2025, 8:44am

And if your "private DNS record" is not in the public DNS (e.g. foo.bar.local) then no.

Topic		Replies	Views
Let's encrypt and Azure Private DNS zones Help	28	5510	December 16, 2022
Generic question re multi-name cert Help	32	911	February 9, 2021
I am new here and need help please Help	6	995	May 11, 2020
Is it possible to issue a certificate to a domain name that resolves to 127.0.0.1? Help	3	2578	April 30, 2016
How can issue certificate with my dns? Help	6	632	May 22, 2022

Is it possible to get Let's Encrypt certificate for private DNS records?

Related topics