@serge You could use a publicly accessible host or something like
https://gethttpsforfree.com/
using DNS records to collect certs, and then copy those certs to your internal hosts.
Example 1: You have a VPS with a web server and acme client. Setup DNS record(s) to point internal-service.example.com at that VPS and setup your acme client to collect letsencrypt certs for it. Then setup a script on your internal host that will grab the new certs on a regular basis (or manually copy them if you like).
Example 2: Using a service like the link above doesn't require having a device with a "real" public IP address, you could just validate domain ownership with a DNS record. At the end of the process you get a cert that you can paste in to your internal host. Of course, how you do DNS validation would depend entirely on how you are managing your public DNS.
Either way, you'd either have to setup your real public DNS to point those names at private addresses (like your 192.168.1.10 example), or poison your internal DNS to point those internal names at the appropriate addresses.
=> More informations about this toot | View the thread | More toots from jmhorner@eattherich.club
=> View serge@babka.social profile
text/geminiThis content has been proxied by September (ba2dc).