Hi: I have some internal labs of public websites (WP and J) I manage (some kind of stage server), but when I start the lab one, I am getting many errors with the SSL certificate (those are from Let's Encrypt)
I am thinking replacing the SSL cert on the lab but due them dont have Internet access, that's not an option.
Anyone have some thoughts about how resolv that errors?
@mauriciovergara welcome to the forums! There are a few ways I would say you can do this. However, I have more questions for you. So, you have exact clones of the websites running in production? Are you wanting to use the same name as you have in production for SSL cert purposes?
An easy way I can think of is simply stand up a reverse proxy like Nginx Proxy Manager or Traefik in front of your lab. This would allow you to generate certs for the names you want to have proper SSL certs on in your lab. The Nginx proxy manager could have a network connection in an "Internet connected" network and then one in the lab environment to terminate the SSL certs for the machines you have running there. Then you would just point your DNS for lab to the Nginx Proxy Manager.ย
Also, as another option, you can install certbot on an Internet connected machine and use the DNS challenge to create a valid cert. Something like this:
certbot certonly --manual --preferred-challenges dns -d yourdomain.com
This will result in generating Once validation is complete, Certbot will generate the certificate files: cert.pem, privkey.pem, etc. You would then just copy these over to your non Internet connected servers for proper SSL certs. Let me know if either of these methods might work for you or if there are other requirements there.
Brandon
