Question about issuing certificates


I have server with https and one certificate issued from LetsEncrypt,

With one ssl certificate I ran 4 vhosts, so here come my question:

Now I am using domain I want use xxxx.local domain
Is there some way to issuing certificates for domain daem0n.local for example, and if Yes, could you give me more specific information how to achieve this.

Thank you in advance!

Boris Stoev

Let’s Encrypt only issues certificates to domains that end with top level domain suffixes in the root zone database managed by ICANN. Reserved suffixes like .local are not supported (and are prohibited by the CA/Browser forum), neither are any other private or alternative DNS root suffixes.

Please also note that .local is reserved for multicast DNS by RFC 6762 and should not be used in traditional DNS. Some client operating systems, including macOS and Linux in certain configurations, will fail to connect to such domains if it cannot resolve them using multicast DNS.

@bstoev, you can make your own self-signed certificate for your .local domain and then accept it in your own browser(s). If you don’t know how to make a self-signed certificate, the web-based Let’s Encrypt tool also has a feature to generate self-signed certificates for you. As @Patches said, Let’s Encrypt is absolutely forbidden from issuing publicly-trusted certificates for .local domains.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.