[talk] SSL certificates

Pete Wright pete at nomadlogic.org
Tue Sep 12 16:35:15 EDT 2017

On 09/12/2017 13:18, Dan Langille wrote:
>> On Sep 12, 2017, at 1:10 PM, Mark Saad <mark.saad at ymail.com 
>> <mailto:mark.saad at ymail.com>> wrote:
>> one issue i've had with let's encrypt is trying to use it on private
>> subdomains on AWS.  iirc the system needs to have a public DNS entry as
>> well as access from the internet to work - i might be mistaken tho on
>> this...
> I have LE certs for RFC 1918 addresses.  The DNS server I use to 
> validate is a public DNS server, but where
> you user the cert is not relevant.

ah i hadn't thought of that - basically having a bastion host wrangle 
getting new certs, then you deploy the to the appropriate backend after 
the CSR is fulfilled?  does the the public server announce the rfc1918 
address for a given host, or does it use a dummy public ip?


> -- 
> Dan Langille - BSDCan / PGCon
> dan at langille.org <mailto:dan at langille.org>

Pete Wright
pete at nomadlogic.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20170912/3baf8afe/attachment.html>

More information about the talk mailing list