I couldn’t find this in the docs, and I only saw questions about the IPs instead of a domain name.
I have a domain for testing (i.e. dev.example.com) that resolves in public DNS to 127.0.0.1. I would prefer to use letsencrypt instead of a self-signed cert because the production domain is using letsencrypt and build tests could check the certs more easily.
I tried using the manual plugin, but kept generating an unknownHost error.
Doing some digging between the source, --verbose, and pdb, it looks like the challenge is not being requested by the client, but is being proxied to https://acme-v01.api.letsencrypt.org/acme/challenge, which would mean non-public domain names cannot be signed.
Doing a bit more reading, it seems that there is a dns-01 verification challenge being developed that could work… but my only short-term solution would be to issue a cert for the domain on a public IP, then change the DNS.
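An added example, not part of the original post and not the letsencrypt client's code: a pre-flight check for the situation described above, where the challenge request is made by the CA's servers rather than the local client, so a name whose DNS answers are all loopback or private addresses cannot be validated by connecting to it. The hostnames and addresses in `SAMPLE` are constructed, and `resolve` and `http01_preflight` are hypothetical helper names.

```python
import ipaddress
import socket


def resolve(host):
    """Return the A/AAAA addresses the local resolver gives for host (live lookup)."""
    infos = socket.getaddrinfo(host, 80, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def http01_preflight(addresses):
    """Split DNS answers into those a public CA could connect to and those it could not.

    Returns (verdict, reachable, unreachable).
    """
    reachable, unreachable = [], []
    for text in addresses:
        ip = ipaddress.ip_address(text.split("%")[0])  # drop any IPv6 zone id
        # Judge ::ffff:a.b.c.d by the IPv4 address it wraps.
        mapped = getattr(ip, "ipv4_mapped", None)
        if mapped is not None:
            ip = mapped
        # is_global is False for loopback, RFC 1918, link-local, CGNAT, etc.
        (reachable if ip.is_global else unreachable).append(str(ip))
    if not addresses:
        verdict = "no-address"
    elif not unreachable:
        verdict = "http-01-possible"
    elif not reachable:
        verdict = "http-01-impossible"  # validate via DNS, or issue on a public IP first
    else:
        verdict = "mixed"  # some answers are not reachable from outside
    return verdict, reachable, unreachable


# Constructed sample DNS answers (not real records for these names).
SAMPLE = {
    "dev.example.com": ["127.0.0.1"],
    "www.example.com": ["8.8.8.8"],
    "split.example.com": ["8.8.8.8", "10.0.0.5"],
    "v6.example.com": ["::1", "::ffff:127.0.0.1"],
}

if __name__ == "__main__":
    for name, answers in SAMPLE.items():
        print(name, http01_preflight(answers))
```

For a live check, pass the output of `resolve("your.hostname")` to `http01_preflight`; this uses the local resolver, which may differ from what public DNS returns.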