0

I am trying to use certbot (Let’s Encrypt) for a local domain.

In /etc/hosts I have this.

127.0.0.1       myapp.whitebear.com

But when I run certbot (Let’s Encrypt) shows this error.

How can I set the HTTPS for for a localhost?

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for myapp.whitebear.com
Waiting for verification...
Challenge failed for domain myapp.whitebear.com
http-01 challenge for myapp.whitebear.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: myapp.whitebear.com
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up A for myapp.whitebear.com
Improve this question

1 Answer 1

Reset to default
2

To use Let’s Encrypt certificates your domain has to exist in the DNS system. Local overrides such as /etc/hosts will not work.

Improve this answer
4
  • Thank you very much, sooo what is the best practice to use https on Localhost?? some services (ex facebook login) needs to be https..
    – whitebear
    Commented Dec 15, 2019 at 6:47
  • I found github.com/FiloSottile/mkcert I will try to use this.
    – whitebear
    Commented Dec 15, 2019 at 8:12
  • Just a thought: Is it a possible solution to make these local domains public available [with a public IP] and allow the access in .htaccess only from my private network [where I know the IP addresses]. In other words, certbot and Let's Encrypt must NOT access these domains in the usual way as browser do - e.q. through port 80 & 443.
    – Peter VARGA
    Commented Apr 2, 2020 at 20:12
  • 1
    @AlBundy, you can validate a domain via just DNS records, it doesn't have to point to hosted website. The domain just has to exist in the public DNS system and you have to have control over it. If you are going to use http base validation though then Let's Encrypt must be able to make it's HTTP requests so you can't block it in anyway.
    – kicken
    Commented Apr 2, 2020 at 23:21

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .