Site - not domain - validation

Sorry if this is a dumb question - I think i know the answer, but…
There are CAs which use nonce-based validation for a specific host, not a full domain. Does LetsEncrypt support this?

My use case is that I have full control of multiple web servers like:
However, I don’t have control of the server that responds to the root, nor do I have direct control of the name servers.

Is it possible to use LetsEncrypt to generate certificates for “one, two, and” without being able to respond to a challenge at


That's fine.

You could generate certificates only for those hosts using http-01 .

Hi @David4

yes, this is possible. There are two validation methods. dns-01 - needs a nameserver entry - would not work.

http-01: You have to create a file under /.well-known/acme-challenge/filename-with-a-very-long-token-from-letsencrypt

So if you can create such a file that is visible under

you can get a certificate from letsencrypt with

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.