Https/LetsEncrypt beta - Please explain?

Stupid question time. I’m missing the obvious. Can someone explain how the new https / LetsEncrypt beta works? Not an SSL expert, obviously, but I understand the basics of getting SSL certificates through LetsEncrypt to some degree, including using DNS for auth. In experimenting with the Tailscale beta feature that just started today (no I dont need to use this feature but yes I wanted to anyways), I can generate certificates for my public ledger domain name with the tailscale cert command on a node, I can see that certificates are saved under /var/lib/tailscale/certs, so the stupid question is, how do I use these from here? Are these certificates I can point Nginx at, for example, for securing an https connection for my Tailscale domain? Or different altogether?

Sorry for the dumb question. I couldn’t figure it out from the help docs.

Yes, the idea is that you can provide the cert(s) to nginx or any other TLS service. There are several letsencrypt client packages out there that do something similar, updating a cert periodically and dropping it in a standard location.

Hi @apenwarr, I want to try this with nginx, but can’t seem to locate the cert files after certifying a machine (ubuntu server). Have tried to find .key or .pem files but can’t seem to locate any relevant to tailscale. Thanks!