On 03/05/18 10:21, Nicolas Kovacs wrote: > Le 05/03/2018 à 16:30, Valeri Galtsev a écrit : >> Sorry, I missed the beginning of this thread. This sounds to me like >> running one's own Certification Authority. I did that a while ago for >> over a decade. However, these days one may consider >> >> https://letsencrypt.org/ >> >> - you will have to run web server to have certificate signed by them, >> but pointing other services to use that same certificate/secret key pair >> will work. > > I do use LetsEncrypt for all my public certificates. But I can't use it > on a local machine with a hostname like server.company.lan. This is > simply not possible. Yes, it is not. They do verify on publicly accessible server that that host is the one you have assess to, and certainly no CA authority will sign certificate for private address space. I missed the beginning of the thread which was edited away from what I was replying to... Valeri > > Niki > -- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++