I have successfully rolled out Let’s Encrypt on a Ubuntu machine (16.04) using the bundled
letsencrypt client. I use Ansible to configure the whole system, including calling
letsencrypt with the appropriate command line options.
I also have a local Virtualbox VM which is not reachable from the outside world. It allows me to test changes before I roll them out to the production environment. I use exactly the same Ansible setup for it, albeit with some different “testing” variables.
Before using Let’s Encrypt, I would just copy the production certificate to the testing environment also and ignore the certificate warnings when I open the web pages in the browser.
With Let’s Encrypt, I can’t do that anymore: The client won’t issue me a certificate, even if I pass
--staging. I get this error:
- The following errors were reported by the server: Domain: ci.isabelle.systems Type: unauthorized Detail: Incorrect validation certificate for TLS-SNI-01 challenge. Requested ac7d42b402997f5a524d0940f3f4a656.9007b2d1b5be960418d8cff5a3bfe36c.acme.invalid from 220.127.116.11:443. Received certificate containing 'ci.isabelle.systems' To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
Is there any way I can get the
letsencrypt client to issue me a fake certificate without any kind of authorization?