Hello all,
I'm seeking for a clarity advice rather than fixing an issue since I don't think it's an issue - do let me know otherwise. I recently tried to install an SSL certificate for my FreeIPA server to get rid of the "SSL error" shown on my web browser. I used the official FreeIPA Let's Encrypt management script (https://github.com/freeipa/freeipa-letsencrypt) to install the cert but did not succeed. I'm getting the following error:
Requesting a certificate for newvipa.homelab.internal An unexpected error occurred: The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "newvipa.homelab.internal": Domain name does not end with a valid public suffix (TLD)
It appears my domain suffix is not acceptable as it's not a public suffix. This is normal because the domain is intended for internal use. My question is, should I be using .com suffix for my domain (homelab.com) and create a subdomain (sub.homelab.com) for internal use so I can use the ssl cert? I know it isn't necessary to use the SSL cert if the server is only meant for internal use - I know it's my server and I can trust it. I'm just more curious if my current domain is following best practice for internal use and I should only be concerned with the issue if it's for public use.
As always, thank you all for assistance.