Certificate for public IP without domain name

#86 cert was issued by DigiCert (not LetsEncrypt)


I think IP address certificates have to be supported eventually. They are pretty much required for running a DNS-over-HTTPS server because with hostnames you run into a chicken-or-egg problem on a DNS server.

A DNS challenge could be done on the reverse zone, and HTTP is even simpler than for hostnames.


That’s definitely an important use case, but for example Cloudflare’s is issued by DigiCert, so it doesn’t necessarily absolutely have to be done by Let’s Encrypt.


I’m sure you can get IP certicates from other CAs if you pester them enough. I’m worried that CAs will probably attempt to charge a premium for them, which could hinder adoption of DoH.



It is possible to purchase certificates for IP addresses, but not from Let’s Encrypt. Let’s Encrypt may offer IP address certificates in the future, but as of September 2018 we do not.