Re: [bitfolk] Check your certificates!

Author: Andy Bennett
Date:  
To: users
Subject: Re: [bitfolk] Check your certificates!
Hi,

> Sadly it is not always possible what with the large range of devices
> that use certs. Things that aren't "real hosts" like IPMI/BMC,
> firewall and loadbalancer appliances for example, can restrict you
> to a manual process.


You should be able to get a Let's Encrypt certificate for such devices, even
if they have private IP addresses, provided they have names in the Global
DNS.

The DNS-01 protocol (rather than HTTP-01) will allow you to prove the
ownership of those names with DNS records.


Then it's "just" a question of working out how to upload those certificates
in a more-or-less automated way to the devices themselves...



Best wishes,
@ndy

--
andyjpb@???
http://www.ashurst.eu.org/
0x7EBA75FF