6:15 p.m.
Hello all,
I'm seeking for a clarity advice rather than fixing an issue since I don't think
it's an issue - do let me know otherwise. I recently tried to install an SSL
certificate for my FreeIPA server to get rid of the "SSL error" shown on my web
browser. I used the official FreeIPA Let's Encrypt management script
(https://github.com/freeipa/freeipa-letsencrypt) to install the cert but did not succeed.
I'm getting the following error:
Requesting a certificate for newvipa.homelab.internal
An unexpected error occurred:
The server will not issue certificates for the identifier :: Error creating new order ::
Cannot issue for "newvipa.homelab.internal": Domain name does not end with a
valid public suffix (TLD)
It appears my domain suffix is not acceptable as it's not a public suffix. This is
normal because the domain is intended for internal use. My question is, should I be using
.com suffix for my domain (homelab.com) and create a subdomain (sub.homelab.com) for
internal use so I can use the ssl cert? I know it isn't necessary to use the SSL cert
if the server is only meant for internal use - I know it's my server and I can trust
it. I'm just more curious if my current domain is following best practice for internal
use and I should only be concerned with the issue if it's for public use.
As always, thank you all for assistance.