Pi-Hole should work with my own domain with Let's Encrypt SSL support
Standard behavior, slow page loads, no SSL support
I want to make PI-Hole work with my own domain, with Let's Encrypt SSL support, so it will be able to work properly with SSL sites.
Ideally, I should be able to call my PI by name, like ns1 . example .com
Any idea how to do that ?
Difficult as SSL certs presented on sockets only work (trusted) for one or a couple of domains (only if you own those domains).
You cant create a cert that can be used for all 100k+ blocked domains from the Pi-hole lists.
My best bet, have your system configured with two IP addresses and bind daemons and vhosts to those particular IP addresses.
So one IP address for Pi-hole to return the block page and a blank page instead of an ad (plus iptables rules to reject 443 TCP trafic).
And another IP for hosting your vhost web sites behind a cert.
Below posting describes how to use "IP aliasing" to add another secondary IP address and how to bind dnsmasq and lighttpd:
And I even tried squeezing all 100k of blacklisted domains into a SAN cert but no success:
EDIT: forgot to mention, if your system got another second interface, you can use that one too for binding the daemons and vhosts.
Just realized if you'r going to use your own cert (a SAN cert is very suited for this), you wont need to reject 443 TCP 
Interesting... Will try.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.