"As a product feature, there wasn't a clean way to implement this specific ask."

I don't think there was enough thought put into this ask. Let's Encrypt uses the well-documented ACME protocol.

Developers create solutions every day. Why is this any different?

I recently finished an internal project that allows our organization to obtain Let's Encrypt certificates for our internal-only private servers that do not have access to the public internet. We call it LERS (Let's Encrypt Relay Server) and it's complete with both a CLI and Web interface so that users of all skill levels can easily obtain certificates for their use.

Under the hood it uses certbot, a well established utility for managing Let's Encrypt certificates (or any other ACME-compatible CA for that matter).

This project was conceived and completed over a two month period with two developers and NO BUDGET. We now maintain the system with users in our organization all across the United States.

After this, it sounds like my next project will be creating a competing open source product that comes with Let's Encrypt capabilities built-in and we'll be selling support packages for those who require something more business friendly with SLAs.

@me if you're interested in supporting such a thing.

Pending review for 3 years!? Can we at least get a status update?