This is a guide for generating an SSL certificate via Let's Encrypt for a server that is not exposed to the internet. This means the default method where certbot creates a temporary token exposed to the public to verify ownership will not work.
To prove ownership, you will need to use the DNS challenge and create a DNS TXT entry. To continue with this, you need to have access to create DNS records for your domain.
Assuming you have installed certbot, you just need to run the following command.
sudo certbot certonly --manual --preferred-challenges=dns
Top comments (0)