I am running three Debian 8 servers as virtual machines on a Windows 2012R2 platform. The servers each host an installation of Owncloud which I would like to protect with Letsencrypt SSL.
The servers each have their own internal IP and share a dynamic external public IP managed by a DDNS provider. Each server is identified by a host name which is configured in my DNS server. The router is configured with port redirection for each server for external access.
I have managed to get a certificate installed on one of the servers and it works fine both internal access and external remote access but I cannot work out how to get the other two servers issued with correctly configured certificates.
So, I have been issued with a valid certificate for cloud1.example.com on 192.168.0.1 which was requested using the Letsencrypt package installed on the cloud1 server.
I requested an additional standalone certificate for cloud2 using the same package on cloud1 and moved those certificates and installed them on cloud2.example.com on 192.168.0.2. This works as expected when accessed internally on the network but throws up an error when accessed remotely and tries to point me to cloud1.example.com.
As I mentioned the port forwarding on the router is correctly set up because it works fine with self signed certificates.
I have also tried requesting a certificate for cloud2 by installing the Letsencrypt package on the cloud2 server but the request is refused due to the public IP already having a valid certificate for cloud1.
My question is how do I get individual certificates for each server when there is only one public IP?
Any help would be greatly appreciated