Installing a Let's Encrypt TLS Certificate on a Brother Printer with Certbot

Summary

_(2025/12/09) #Brother #Certificates #Cloudflare #Tailscale #Printer _{Article inspiration:} - _{https://blog.poggs.com/2020/03/18/printer-security-installing-tls-certificates-on-hp-printers-automatically/} - _{https://github.com/gregtwallace/brother-cert/releases} ## Introduction I am pretty proud of this blog post as I managed to figure out an automatic method to deploy a Let's Encrypt certificate to my personal Brother printer using a simple Bash script combined with Cloudflare DNS integration. Now you may ask why bother? Well I always wanted to deploy a proper certificate to my own personal printer but not maintain a local only certificate authority. Not only that, I also wanted a system in place that would do this automatically similar to how my Nginx Proxy Manager (NPM) container handles certificates for the various Docker web apps that I deploy. Even though my specific situation is unique to myself, you can definitely use this blog post as a starting point for your own needs. I heavily rely on Tailscale with Cloudflare for my homelab as I take the various Tailscale IPs of my devices, give them a public DNS A record, and then configure NPM to route the DNS requests to their specific application hosted on them. This allows me to use a proper domain name (instead of the typical internal name) that is routable/pingable externally but can only be accessed by my Tailscale network. For example my Zabbix instance, `https://monitor.owltec.ca`, has a public DNS A record but this instance is only accessible via my Tailnet. Unfortunately, I cannot install Tailscale on my Brother printer so it is unable to receive a Tailscale IP. However, NextDNS gives me the ability to do local DNS rewrites so now `printer.owltec.ca` will redirect to a local IPv4 address. While not a Tailscale IP, it works well, as similar to my Tailnet, you have to be using my NextDNS for the DNS redirect to work. I suppose I could give `printer.owltec.ca` a public DNS ...