NGINX is configured as a reverse proxy for both servers on ports 80 and 443, with a Let’s Encrypt certificate installed and configured for both external names, “server1.mydomain.com” and “server1.mydomain.com”.
Question:
For technical reasons, even on the LAN our Windows server “server2.domain.local” must have a third-party certificate.
So, do I have to use the same certificate files as on the NGINX server and install them on the local server2.domain.local?
Or do I have to install or generate a new one, knowing that it’s the same public domain “server2.mydomain.com”?
No publicly trusted CA can issue certificates for .local domains, though. They can only issue certificates for public stuff that people can prove control over.
If that’s what you’re asking for, you can’t get it.
Some CAs may offer services with private, untrusted roots – Let’s Encrypt does not – but if you want to go that route, you can run your own internal CA for free (without the same infrastructure, though).
As @9peppe said, I want to generate and install a new certificate for the same public domain on 2 different servers (one Linux, the other Windows).
Will we have no conflict?
In case I use the first certificate on the second server
In case I generate another certificate for the same public domain on another server
If you have a certificate for either Windows or Linux you can convert it to the required formats using openssl. Let’s Encrypt certs just need to be for public domains (so no .local, as already mentioned).
You can also have the Windows/Linux servers just manage their own certificates; these can be for the same domains but managed separately (they don’t really need to be the same actual certificate).
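The openssl conversion mentioned in the last reply, as an added example that is not part of the original thread: it bundles a PEM certificate and key into a PKCS#12 (.pfx) file that Windows can import, refusing a key that does not match and confirming the bundle carries the same certificate. The function names, file names and the self-signed sample certificate are assumptions constructed so the script runs offline; with real files, pass the PEM chain and private key from the NGINX server (for example certbot's fullchain.pem and privkey.pem).

```shell
#!/bin/sh
# Added example (not from the thread): PEM cert + key -> PKCS#12 (.pfx) for Windows.

# pem_to_pfx CERT_PEM KEY_PEM OUT_PFX PASSWORD_FILE
pem_to_pfx() {
    # Refuse to bundle a key that does not belong to the certificate.
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "private key does not match certificate" >&2
        return 1
    fi
    # umask 077 in a subshell: the bundle holds the private key.
    ( umask 077
      openssl pkcs12 -export -in "$1" -inkey "$2" -out "$3" -passout "file:$4" )
}

# cert_fingerprint PEM_FILE -> SHA-256 fingerprint of the first (leaf) certificate
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# pfx_fingerprint PFX PASSWORD_FILE -> fingerprint of the leaf certificate in the bundle
pfx_fingerprint() {
    openssl pkcs12 -in "$1" -passin "file:$2" -clcerts -nokeys 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 | cut -d= -f2
}

# make_sample DIR NAME: constructed self-signed stand-in for the real
# certificate and key files, so the example runs offline.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=server2.mydomain.com" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

demo() {
    d=$(mktemp -d) || return 1
    make_sample "$d" live
    printf '%s\n' 'constructed-sample-password' > "$d/pass"
    pem_to_pfx "$d/live.pem" "$d/live.key" "$d/server2.pfx" "$d/pass" || return 1
    echo "PEM: $(cert_fingerprint "$d/live.pem")"
    echo "PFX: $(pfx_fingerprint "$d/server2.pfx" "$d/pass")"
    rm -rf "$d"
}
demo
```

The two fingerprints printed by `demo` should be identical; the .pfx contains the private key, so it needs the same protection in transit and at rest as the key file itself.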