How to get a TLS certificate for a domain inside of my local network? This was a question for me for a long time. I thought of creating a real subdomain, getting the certificate, and copying over the files locally, and then enforcing local domain names via the DNS or /etc/hosts. But, during the TLS training from Scott Helme, I learned about getting certificates via DNS challenge using acme.sh.
I use DreamHost nameservers for most of m domains. I got an API_KEY from them for only DNS manipulation.
Next, I just had to execute one single command along with the API_KEY to fetch fresh and hot certificate from Let's Encrypt.
The following command fetches for fire.das.community subdomain.
DH_API_KEY=MYAPIKEY acme.sh --issue --dns dns_dreamhost -d fire.das.community
There is a wiki page listing how to use acme.sh tool for various DNS providers.
from Planet Python
via read more
No comments:
Post a Comment