I have a service that runs on a machine-to-machine basis behind a private APN.
There is a strict requirement to use a public authority certificate to cipher non-HTTP traffic.
The problem is that communication works over a public IP, not a domain name.
I'm trying to run certbot with my own CSR, whose alternative names section has one DNS.1 and one IP.1 entry with the PUBLIC IP inside.
Unfortunately, certbot screams that this IP is not allowed there.
Is it by design, or am I doing something wrong?
The CSR for the config without IP.1 works well.
certbot.exe certonly --manual --preferred-challenge dns --csr mydomain.csr
Saving debug log to C:\Certbot\log\letsencrypt.log
Requesting a certificate for and <hidden_alternativesubdomainname>
An unexpected error occurred:
The request message was malformed :: NewOrder request included invalid non-DNS type identifier: type "ip", value "83.x.y.z"