https://1.1.1.1/ cert was issued by DigiCert (not LetsEncrypt)
2 Likes
I think IP address certificates have to be supported eventually. They are pretty much required for running a DNS-over-HTTPS server because with hostnames you run into a chicken-or-egg problem on a DNS server.
A DNS challenge could be done on the reverse zone, and HTTP is even simpler than for hostnames.
Thatās definitely an important use case, but for example Cloudflareās is issued by DigiCert, so it doesnāt necessarily absolutely have to be done by Letās Encrypt.
Iām sure you can get IP certicates from other CAs if you pester them enough. Iām worried that CAs will probably attempt to charge a premium for them, which could hinder adoption of DoH.
1 Like
It is possible to purchase certificates for IP addresses, but not from Letās Encrypt. Letās Encrypt may offer IP address certificates in the future, but as of September 2018 we do not.
2 Likes