Hello all, I'm seeking for a clarity advice rather than fixing an issue since I don't think it's an issue - do let me know otherwise. I recently tried to install an SSL certificate for my FreeIPA server to get rid of the "SSL error" shown on my web browser. I used the official FreeIPA Let's Encrypt management script (https://github.com/freeipa/freeipa-letsencrypt) to install the cert but did not succeed. I'm getting the following error:
Requesting a certificate for newvipa.homelab.internal An unexpected error occurred: The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "newvipa.homelab.internal": Domain name does not end with a valid public suffix (TLD) It appears my domain suffix is not acceptable as it's not a public suffix. This is normal because the domain is intended for internal use. My question is, should I be using .com suffix for my domain (homelab.com) and create a subdomain (sub.homelab.com) for internal use so I can use the ssl cert? I know it isn't necessary to use the SSL cert if the server is only meant for internal use - I know it's my server and I can trust it. I'm just more curious if my current domain is following best practice for internal use and I should only be concerned with the issue if it's for public use. As always, thank you all for assistance. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
