minus-squarecarcus@lemmy.mltoSelfhosted@lemmy.world•Certificate managementlinkfedilinkEnglisharrow-up0·1 year agoYou should be able to do wildcards with acme V2 and a dns challenge: https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579 You would manage internal dns and would never need to expose anything as it’s all through validation through a TXT record. You could use also something like traefik to manage the cert generation and reverse proxying: https://doc.traefik.io/traefik/https/acme/ linkfedilink
You should be able to do wildcards with acme V2 and a dns challenge: https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
You would manage internal dns and would never need to expose anything as it’s all through validation through a TXT record.
You could use also something like traefik to manage the cert generation and reverse proxying:
https://doc.traefik.io/traefik/https/acme/