I'm relatively new to the IT field, having only been in the industry for about a year. I used to be more of a hobbyist until I filled a help desk position at my company. Recently, I've taken on the responsibility of maintaining our Help Desk application that's hosted internally on a .local domain. However, my company wants to resolve the "this site is not safe" warnings that appear in browsers. I've learned that we currently have the ability to upload various SSL certificates including PEM, PKCS-12, and Let's Encrypt ones. But from my research, it sounds like these might not work because we're using a .local domain. SSL certificates seem pretty complex and I'm feeling overwhelmed trying to find solutions or options. Does anyone have suggestions, articles, or videos that could help?
1 Answer
You can't get a trusted certificate from an external provider for .local domains. You have two main options. First, you could set up your own Certificate Authority (CA) and issue a certificate for your .local domain across all devices. Alternatively, I recommend switching to a public domain; for example, if your main domain is example.com, you can use host.int.example.com. This way, you can use Let's Encrypt with DNS validation without affecting your other services. I suggest going with option two and moving away from the .local naming altogether.
So, are you saying I should create a subdomain that we control and point it to our internal server? Then I can proceed with the Let's Encrypt certificate process? I just want to make sure I got that right.