I’m part of a big company with a root domain : mycompany.com
Inside this company, there are many hostnames, not reachable from internet. For instance, a developper’s machine is named machine_name.mycompany.com.
We are developping mobile webapps with http2 and we need to test them from an iPad. The iPad connects to the developpers machine. Unfortunatelly, since we cannot install a Cert Authority on the iPad for safari to use it, we have to get a valid signed certificate for every developper’s machine for the iPad to trust the service runing on the dev’s machine.
It is not possible to give the company’s wildcard to every developper neither to buy one certificate for every machine.
I saw letsencrypt as a solution until I found out that the subdomain should be accessible from the internet using http for proof-of-control.
Is it possible to get a proof-of-control for a subdomain from the parent domain that runs an http server ?