While this is a great writeup on Lemmy instances, the thread was specifically about Mastodon and its numerous forks. I believe they use the same tech but are vastly different things. The instance I found wasn’t quite Mastodon apparently, even though it works very similarly and the app designed to connect to a Mastodon instance wouldn’t connect to it.
The DNS-01 challenge can be used to generate a wildcard by creating the requested DNS record in your public DNS zone, then you can use that cert for internal servers/DNS. With certain DNS providers it can even be automated.
https://eff-certbot.readthedocs.io/en/stable/using.html#third-party-plugins