Comment by walrus01
3 years ago
I run my own internal CA.
Would not recommend to anyone that they use publicly-valid Let's Encrypt certs for internal hostnames, since certificate issuance transparency logs are public and will expose all of the hostnames of your internal infrastructure.
The article answers that: use wildcard certs instead.
I'd put using wildcard TLS for all your internal stuff in the category of unacceptably weird and unnecessary risk.