https://chengl.com/tags/https/Recent content in HTTPS on Random MusingsHugoen-usCheng LongSun, 05 Jul 2020 05:49:02 +0000https://chengl.com/post/lets-encrypt-intranet/Sun, 03 Sep 2017 14:33:24 +0000https://chengl.com/post/lets-encrypt-intranet/<p><a href="https://letsencrypt.org/">Let&rsquo;s Encrypt</a> (LE) has been a popular choice to get certs for public websites. Because it&rsquo;s free and automated. But how to get certs for <strong>private</strong> websites, which are common in company&rsquo;s intranet?</p> <h2 id="problem">Problem</h2> <ul> <li>There&rsquo;s a web app in your company&rsquo;s intranet.</li> <li>The web app has a fully qualified domain name (FQDN), e.g. <strong>foo.example.com</strong>, not an internal one like <strong>foo.internal</strong>.</li> <li>It only resolves to a private IP behind VPN. Therefore, it&rsquo;s inaccessible without a valid VPN.</li> <li>You want to add an extra layer of security by enabling HTTPS.</li> </ul> <p>How to get a cert for it? And how to automate it and get it for free?</p>