Get LetsEncrypt TLS certs for internal-only TLS servers via a delegated golang.org/x/crypto/acme/autocert server.
BSD-3-CLAUSE License
I wanted internal HTTPS servers to have valid TLS certs with minimal fuss.
In particular:
See https://godoc.org/github.com/bradfitz/autocertdelegate
It provides a client that plugs in to an http.Server to get certs & a server handler for a public-facing server that does the LetsEncrypt ALPN challenges. You then do split-horizon DNS to give out internal IPs to internal clients and a public IP (of the delegate server) to everybody else (namely LetsEncrypt doing the ALPN challenges).
Then internal clients just ask the delegate server for the certs, and the delegate server does a little challenge itself to test the internal clients.
I built this for my own use on my home network. Maybe you'll find it useful, but maybe you'll find it insecure. Beauty is in the eye of the downloader.
I'm releasing as a Go project under the Go AUTHORs/LICENSEs, as it's related to golang.org/x/crypto/acme/autocert. As such, I'm not accepting any PRs unless you've contributed to Go or otherwise done the Google CLA.