Manage Engine ADSelfService CSR Certificate Signing

I am trying to utilize ManageEngine's ADSelfService Plus which is used for managing Local Windows Server 2022 active directory. It is not a website but a tool used to enforce MFA at the Windows 11 workstation login level. In order to utilize this tool over a https port network, they are requiring a CSR to be signed using a CA, I would like to use Let's Encrypt but not sure if this is even compatible.

Is this something I can achieve? Do I need to use Certbot manually?

Any help provided is greatly appreciated!
Sincerly Sam

You can probably do what you described.

You will probably need to use dns-01 validation, you should check your DNS provider and its APIs.

Automating issuance from a CSR is really not an easy thing but it works for one-off issuance. If you can just give your software a private key and a certificate, it will probably be easier.


Double check whether you have an internal Certificate Authority that could issue a cert for what I'm guessing is an internal-only service. Depending on the hostname of your tool, you may not even be able to get a public certificate for it if it doesn't reside within a public DNS namespace. Names like adss.corp.local won't work.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.