"This is the last call for Jaunt-701," the pleasant female voice echoed through the Blue Concourse of New York's Port Authority Terminal. The PAT had not changed much in the last three hundred years or so - it was still gungy and a little frightening. The automated female voice was probably the most plesant thing about it. "This is Jaunt Service to Whitehead City, Mars," the voice continued. "All ticketed passengers should now be in the Blue Concourse sleep lounge. Make sure your validation papers are in order. Thank you."The upstairs lounge was not at all grungy. It was wall-to-wall carpeted in oyster gray. The walls were an eggshell white and hung with plesant nonrepresentational prints. A steady, soothing progression of colors met and swirled on the ceiling. There were one hundred couches in the large room, neatly spaced in rows of ten. Five Jaunt attendants circulate, speakingin low, cherry voices and offering glasses of milk. At one side of the room was the entranceway, flanked by armed guar
With this tutorial you will get a valid SSL certificate from Let's Encrypt without having to open any incoming ports. You can use the certificate to enable HTTPS with your reverse proxy (Apache, Nginx, Caddy, ...) or other self hosted service. Since it only uses acme.sh which is a shell script it should work on everything that runs linux.
The tutorial was written for and tested with Duck DNS and deSEC, but you can (in theory, because I did sadly encounter a few bugs/incompatibilities here and there) use every of the 150+ DNS provider supported by acme.sh (there is also a second page at the end!). If you want to use a wildcard certificate I would recommend deSEC because Duck DNS currently has a bug/incompatibility with acme.sh.
If you want to use another DNS provider you can skip right to 2. Install acme.sh, but need to change the parameter --dns YOURDNS
in all the commands and set all necessary variables yourself according to t