[talk] SSL certificates
Pete Wright
pete at nomadlogic.org
Tue Sep 12 16:35:15 EDT 2017
On 09/12/2017 13:18, Dan Langille wrote:
>> On Sep 12, 2017, at 1:10 PM, Mark Saad <mark.saad at ymail.com
>> <mailto:mark.saad at ymail.com>> wrote:
>
>> one issue i've had with let's encrypt is trying to use it on private
>> subdomains on AWS. iirc the system needs to have a public DNS entry as
>> well as access from the internet to work - i might be mistaken tho on
>> this...
>
> I have LE certs for RFC 1918 addresses. The DNS server I use to
> validate is a public DNS server, but where
> you user the cert is not relevant.
>
ah i hadn't thought of that - basically having a bastion host wrangle
getting new certs, then you deploy the to the appropriate backend after
the CSR is fulfilled? does the the public server announce the rfc1918
address for a given host, or does it use a dummy public ip?
thx!
-pete
> --
> Dan Langille - BSDCan / PGCon
> dan at langille.org <mailto:dan at langille.org>
>
>
--
Pete Wright
pete at nomadlogic.org
@nomadlogicLA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20170912/3baf8afe/attachment.html>
More information about the talk
mailing list