I did this for a while back when freenom existed. Then, I moved and learned that I was exceptionally lucky to have working loopback NAT in my previous house, and would have to split off a local.<domain> entry for clients on the internal network. No idea why most ISPs don't have routers that work like that.
I haven't bothered doing DNS auth to get certs since I started using paid domains.
I haven't bothered doing DNS auth to get certs since I started using paid domains.