Let’s Encrypt Begins Supporting IP Address Certificates
Let’s Encrypt Begins Supporting IP Address Certificates
Let’s Encrypt begins issuing IP address certificates, expanding support beyond domain names to cater to specialized use cases, such as DoH and home devices.
Who benefits from this? Even though Let’s Encrypt stresses that most site operators will do fine sticking with ordinary domain certificates, there are still scenarios where a numeric identifier is the only practical choice:
Infrastructure services such as DNS-over-HTTPS (DoH) – where clients may pin a literal IP address for performance or censorship-evasion reasons.
IoT and home-lab devices – think network-attached storage boxes, for example, living behind static WAN addresses.
Ephemeral cloud workloads – short-lived back-end servers that spin up with public IPs faster than DNS records can propagate.
You're viewing a single thread.
F I N A L L Y
Now tell me it supports IPv6 and I'll be the happiest man alive
Maybe I'm not understanding it but I can't see what I would use this for due to the 6 day issue period. Bringing a NAS up to copy data for a couple days is the only real use case I find for home users.
Because even if you pay for a static external IP from your ISP, this doesn't support using such for longer than that period right?
Let's Encrypt is meant yo be used with automated certificate renewal using the ACME protocol. There are many clients for this. Both standalone and built into e.g. Caddy, Traefik and other software that does SSL termination.
So this specific concern doesn't really make sense. But that doesn't mean I really see a use case for it either, since it usually makes more sense to access resources via a host name.
Thanks! I'll look into that, this could be useful for me then after all. This is why it's always good to ask questions
Can't it automatically be renewed?
Not sure, I just saw the 6 day thing in the article, that would be nice though
Edit: vorpal says you should be able to using ACME https://programming.dev/comment/17987211
Yay!
Yay!