I am running a Windows Server 2019 VM box. To troubleshoot some issues I am having with a production environment. I need a trusted SSL cert. I self signed cert will not work. My production server has a public IP and can be accessed from the internet. Lets Encrypt is working perfectly there.
However the lab setup has a Private Local IP lets say 192.168.1.80 (static) and will only be used for testing. I can give it a subdomain and make the needed changes is DNS.
Is Lets Encrypt an option for me? If so What is the recommended process.
My production machine is TX1.{mydomain.com} I currently have the lab server named test.{mydomain}.com. I can change it if needed.
If {mydomain}.com is a real registered domain that you control, you can obtain a certificate using the DNS Challenge. This avoids having to expose your server to incoming internet traffic. It will still need to be able to connect to the internet outgoing, though.
How easy and automated this is depends on how you host the DNS for your domain and what ACME client you are using. It varies from "very easy and automated" to "painful and manual".
For Windows, check out Posh-ACME, WACS (Win-ACME), and Certify the Web. They all support a variety of DNS hosts.
These statements sound contradicting. The machine is a lab test machine on a VM. It could be made to make an outbound connection from time to time.. But not open to inbound traffic..
I tried to use certify the web to create the key pair. I am operating a Kerio Mail Server. It apparently is using apache as its imbedded web browser. I can generate CSR but I don't seem to have a place to put it.
Also The TX1 host is working beautifully. Its the lab server named test.{mydomain}.com that is mentioned in the first post that is the issue.
It looks like the post auto word wrapped and may be confusing things.
"I currently have the lab server named test.{mydomain}.com. I can change it if needed."
Is what the sentence should look like.