WIN-ACME with SAN

You could satisfy a DNS-01 challenge for an internal (sub)domain name like that if you want to go through that process.

2 Likes

So the only way to add the subdomain is to create an A name for it (and leave it else every 30 days....) or DNS challenge - I think my NS are with MS - dunno if that makes it easier.

If they're in Azure, then it should be relatively straightforward to configure win-acme for it:

3 Likes

Not Azure. Office 365.

The server I'm experimenting with is physical on my LAN.

This seems to be less a question about Windows and more a question about win-acme which I have basically no useful knowledge about.

Generally speaking though, if you're trying to get a cert that contains an internal-only name, you will be forced to use the DNS challenge for that name, which requires being able to create a DNS TXT record (not an A record) in the external copy of your DNS zone. And if you're using a DNS challenge for the internal name, you might as well also use it for the external name, just to make things simpler.

Knowing where that DNS zone is hosted and what sort of DNS API options they have will be the next step you need to figure out if you're unwilling to supply your actual domain name. Folks here could probably help figure out the provider if they knew the real name though. If it helps, all public certs from all public Cert Authorities are logged in a world-readable database that is routinely scanned by large numbers of people and systems (including bad actors). So not posting it here isn't really hiding anything aside from your personal affiliation with the domain.

7 Likes

Thanks, @rmbolger. 🙂

4 Likes
