Certificate for IP address


I get

Requested name xxx.xxx.xxx.xxx is an IP address. The Let's Encrypt certificate authority will not issue certificates for a bare IP address.

while trying to get a certificate. Is there a work around that Let’s Encrypt supports for bare IP addresses? If so, how can this be done? If not, is support to be expected in the future?


No. You need to get a domain name, or use a dynamic DNS service. Or a different CA.

(There are some services that automatically create DNS records for literally every IP(v4) address, e.g. “ A”, but Let’s Encrypt blocks at least some of them.)

I don’t speak for Let’s Encrypt in this, but i can’t see it happening any time soon, if ever. There are protocol, security and standards considerations. For example, DNS-01 validation is a no-go. And CAA would be out, after all the time and effort Let’s Encrypt and the industry have spent pushing it forwards. And Let’s Encrypt would prefer not to issue certificates for short-lived cloud IPs that change hands frequently.

All in all, i think it would take a lot of discussion and work, and i don’t see a reason to prioritize it.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.