Is it possible to configure a Linux server so that it can generate private letsencrypt certificates? If I install certbot and request a certificate with a private domain name (using a private DNS BIND server) from the ACME server, it must give me a letsencrypt certificate for nginx/apache/xyz servers respectively.
If it's possible, kindly share a link where I can configure my ACME server for a private organisation.
It's quite easy to run your own private ACME CA (e.g. using https://github.com/smallstep/certificates), but the certificates will not be publicly trusted. You will have to establish a private PKI and get your local network to trust it.
Do we also need private DNS like bind9?
How to do that, "Establish a private PKI and get your local network to trust it"?
How can we configure our own AWS Route53 using bind9 in a private organisation?
These are very broad questions. It is better that you research and answer them yourself.
You could get started by following along with the examples on https://smallstep.com/blog/private-acme-server/. It's the simplest approach to get started with that I know of, and by the time you are done, you will have an internal PKI, a functioning ACME server, and you will probably also need to set up an internal DNS server for your internal domains.
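To make "establish a private PKI and get your local network to trust it" concrete, here is an added example (not part of the original posts and not smallstep's code) that builds a throwaway root CA with plain `openssl`, issues a certificate for an internal name, and shows that it only verifies for a client that has been given the root. A private ACME server automates the signing step; the names, key size and lifetimes below are assumptions chosen for the demo.

```shell
#!/bin/sh
# Constructed demo. "Example Internal Root CA" and app.corp.internal are
# placeholder names; rsa:2048 and the validity periods are arbitrary choices.

make_pki() {  # $1 = writable working directory
  dir=$1
  cat > "$dir/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
subjectAltName = DNS:app.corp.internal
EOF
  # 1. Self-signed root: the trust anchor that must be distributed to clients.
  openssl req -x509 -newkey rsa:2048 -nodes -config "$dir/pki.cnf" \
    -extensions v3_ca -subj "/CN=Example Internal Root CA" -days 3650 \
    -keyout "$dir/root.key" -out "$dir/root.crt" 2>/dev/null || return 1
  # 2. Server key and CSR (the part an ACME client generates on the web server).
  openssl req -newkey rsa:2048 -nodes -config "$dir/pki.cnf" \
    -subj "/CN=app.corp.internal" \
    -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null || return 1
  # 3. The private CA signs the CSR (the part an ACME server automates).
  openssl x509 -req -in "$dir/leaf.csr" -CA "$dir/root.crt" \
    -CAkey "$dir/root.key" -CAcreateserial -days 90 \
    -extfile "$dir/pki.cnf" -extensions v3_leaf \
    -out "$dir/leaf.crt" 2>/dev/null
}

# A client that has been given root.crt accepts the certificate for that name.
verify_with_root() {
  openssl verify -CAfile "$1/root.crt" -verify_hostname app.corp.internal \
    "$1/leaf.crt" >/dev/null 2>&1
}

# A client with only its default (public) trust store rejects it.
verify_default_store() { openssl verify "$1/leaf.crt" >/dev/null 2>&1; }

demo=$(mktemp -d)
make_pki "$demo" && verify_with_root "$demo" && echo "accepted with root.crt"
verify_default_store "$demo" || echo "rejected without root.crt"
rm -rf "$demo"
```
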
I assume the long answer goes along the lines of "convince browser makers you are trustworthy enough and maybe even obtain a few cross signatures from an existing CA", which looks like a lot of technical work first and then political work too.