Certificate for embedded device without a domain name?


#1

I want to generate certificates for embedded devices that do not have a domain name. Can I get a certificate issued for an IP address and not a domain name?

This is a general need for embedded devices. Currently self-signed certs are used for many embedded devices, but it would be much better to enable the device to use the let’s encrypt client and generate a real cert locally. However, the device will not have a domain name – as it is always connected to by explicit IP address.

Is this possible?

We would like to integrate the client into our embedded platform and offer this to device builders.


#2

Hi @mob,

No, Let’s Encrypt is not able to issue certificates for iP addresses.

If you could find a way to use names, maybe by operating your own dynamic DNS service on behalf of your users, you could get certificates for those names but then people would have to use them when accessing the devices as well.


Certificates for Numeric IPs