Private TLS Certificates With Let’s Encrypt And ACME DNS

TLS certificates used to be a much bigger headache than they are now. With the advent of Let’s Encrypt, anyone can set up a secure, encrypted domain in a matter of minutes. The project has made obtaining, installing and renewing free certificates incredibly easy.
The process is pretty simple when you’re issuing certificates for a public website. The domain points toward a public host, and you can validate ownership using simple file-based authentication methods.
What happens if you want a certificate for a host that is offline? What about hosts that don’t offer web access or are internal-only? Can you still get free Let’s Encrypt certs for these?
Yes, you can! But you’ll need to use a different approach.
While there are a few ways to achieve this, like briefly opening a host up to the public Internet, by far the simplest is to use ACME DNS. This method lets you continually renew your certificate without having to periodically reconfigure any servers or firewalls.
Let’s take a look at how this process works and explore some rules around using public certs this way.
First you need a domain
In order to issue a certificate, you’ll need a domain name. This has to be a real…