
I host some services at home myself and so far have only used DNS records and self-signed certificates for them. Now I'm having some issues with self-signed certificates (some apps are not working properly) and am trying to get a public domain to fix these issues. Before I do that, I just want to clear up one question that I have.

If I had my own public domain, let's say example.com, and created a local subdomain, let's say plex.example.com, can I create a Let's Encrypt SSL certificate for this local subdomain? Or should the subdomain also be public?

Rafael
  • Letsencrypt checks that you own the domain. If it cannot see it, the check won't work. Either the subdomain has to be public or the other way is with a wildcard cert (*.example.com) which would cover all subdomains. See https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578 – Oct 28 '20 at 23:59
  • @dratenik Your comment should be an answer. – KeyszerS Oct 29 '20 at 14:46

1 Answer


As I understand, you can use a wildcard certificate for subdomains. For example, you can obtain a certificate for *.example.com and use it for all your subdomains.

However, you cannot obtain a non-wildcard certificate for a local network. See the guidance from the CA/Browser Forum:

4.2.2. Approval or Rejection of Certificate Applications

CAs SHALL NOT issue certificates containing Internal Names (see section 7.1.4.2.1).

olegarch
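
An added example, not part of the answer above: a Python check of which host names a *.example.com certificate covers and which names are Internal Names that a public CA will refuse. The TLD set and the host list are constructed samples, and the function names are illustrative.

```python
# Constructed sample of delegated TLDs; a real check would load IANA's Root Zone Database.
SAMPLE_PUBLIC_TLDS = {"com", "net", "org"}


def labels(name):
    """Split a host name into lower-case DNS labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def is_internal_name(name, public_tlds=SAMPLE_PUBLIC_TLDS):
    """Internal Name in the Baseline Requirements sense: the name does not end
    in a TLD registered in the public root zone (e.g. 'nas' or 'plex.local')."""
    return labels(name)[-1] not in public_tlds


def wildcard_covers(pattern, host):
    """True if a '*.' pattern matches host. The '*' stands for exactly one
    leftmost label, so it covers neither the bare domain nor deeper names."""
    p, h = labels(pattern), labels(host)
    return p[0] == "*" and len(p) == len(h) and p[1:] == h[1:]


def classify(host, wildcard="*.example.com"):
    if is_internal_name(host):
        return "internal-name"        # CAs SHALL NOT issue for these
    if wildcard_covers(wildcard, host):
        return "covered-by-wildcard"
    return "needs-own-name"           # must be listed separately on a certificate


# Constructed sample of names a home lab might use.
SAMPLE_HOSTS = ["plex.example.com", "example.com", "a.plex.example.com",
                "plex.local", "nas"]

if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        print(f"{h:22} {classify(h)}")
```
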