Error creating new authz :: Issuance for IP addresses not supported

My domain is: www.openmep.biz

I ran this command:
Using golang.org/x/crypto/acme/autocert library in Go server to create certificate. The servers runs as expected using https but print the following message:

It produced this output:
2019/08/28 14:26:48 http: TLS handshake error from 107.178.237.16:53543: 400 urn:acme:error:malformed: Error creating new authz :: Issuance for IP addresses not supported

My web server is (include version):
The Go web server I have written.

The operating system my web server runs on is (include version):
Ubuntu 18.04

My hosting provider, if applicable, is:
Google Cloud Platform

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Bo

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): None

1 Like

Hi @tskale

what domain names did you use in your certificate creation command?

Your error

says: You have tried to create a certificate with an ip address.

Letsencrypt doesn't support such certificates.

1 Like

I suspect (but may be wrong) that @tskale has autocert configured to try and issue certificates automatically in-line with requests that arrive when no certificate is available to satisfy the hostname provided by the client’s TLS SNI value.

If that’s the case then I think you need to filter out requests where the SNI is an IP address and not a domain name. As @JuergenAuer mentioned Let’s Encrypt doesn’t issue certificates for anything other than domain name identifiers presently.

3 Likes

Ah, thanks, good to know. If there is such a feature -> that may be the problem.

3 Likes

Thanks cpu. It was autocert configuration problem.
It’s working ok now.

3 Likes

Great, glad to hear it. Thanks for reporting back :+1:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.