Can someone tell me please whether I can use Let’s Encrypt certificates to secure communication on my home network between devices?
Say I have the me.online domain pointing at the public IP of my home router, and have devices on the network set up as server1.me.online, server2.me.online, etc…
Can I have a separate certificate for each host’s fqdn?
Do I need one for each?
What’s best practice?
I’d like publicly trusted certificates rather than self-cert internal ones.
Yes, if the device is using a public domain / subdomain and could complete challenges (either DNS or HTTP).
Yes, you could.
I don't think you'll need one for each. If all servers are on the same network, you could do a wildcard certificate.
It depends on your setup. If you have a "supported" DNS provider, you could do things automatically (without the need to edit your web server configuration file).
Also, if your servers are behind one IP (and using the router for port forwarding), you might want to apply for all certificates using one server, since Let's Encrypt would only connect to port 80 of the IP and follow redirects after that.
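
The wildcard suggestion above, worked through as an added example (not part of the original posts): a wildcard name matches exactly one left-most label, so it helps to check which hosts a planned certificate really covers. The host list reuses the names from the question plus a constructed deeper name (`nas.lab.me.online`); the helper names are hypothetical.

```python
# Added example: which hostnames a planned certificate covers.
# A wildcard ("*.me.online") stands for exactly one left-most label.

def covers(san: str, host: str) -> bool:
    """True if certificate name `san` matches `host`."""
    san_labels = san.lower().rstrip(".").split(".")
    host_labels = host.lower().rstrip(".").split(".")
    if len(san_labels) != len(host_labels):
        return False  # "*" never spans zero labels or several labels
    if san_labels[0] == "*":
        # Remaining labels must be identical; the matched label must be non-empty.
        return san_labels[1:] == host_labels[1:] and host_labels[0] != ""
    return san_labels == host_labels


def uncovered(sans, hosts):
    """Hosts that no name in the certificate matches."""
    return [h for h in hosts if not any(covers(s, h) for s in sans)]


def needs_dns_challenge(sans):
    """Let's Encrypt validates wildcard names with the DNS-01 challenge only."""
    return any(s.startswith("*.") for s in sans)


# Constructed sample: hosts from the question plus one deeper subdomain.
HOSTS = [
    "server1.me.online",
    "server2.me.online",
    "me.online",
    "nas.lab.me.online",
]

if __name__ == "__main__":
    for sans in (["*.me.online"], ["*.me.online", "me.online"]):
        print(sans, "misses:", uncovered(sans, HOSTS),
              "| DNS-01 required:", needs_dns_challenge(sans))
```

The bare domain and any deeper subdomain need their own names on the certificate, and including a wildcard name means the HTTP challenge on port 80 is not an option for that name.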