That’s interesting. I tried that a few months ago and it was not supported, unless I misunderstood something. This is great, I will try it again. It will let me put a web site on a NAT without having to mess with DNS auth. For web auth I use the dehydrated script which is much simpler than certbot.
Sounds like me… most of the time. I thought that getting LE certs for my LES boxes might be a bit trickier than normal. Surprisingly not. Worked for both nginx and lighttpd pretty easily.
That may be the difference as I used certbot.
Let’s Encrypt is fine with IPv6-only DNS servers. I have acme-dns running on an IPv6 address and use it along with Let’s Encrypt DNS challenges. Works well! You can use one acme-dns instance for everything, and it works for wildcard certs too.