SSL certificate for bare IP address

Daniel_Server · February 22, 2021, 10:05pm

Operating system: Ubuntu
OS version: 20.04

Hi,

When I type my IP address to the URL bar I got my site in none SSL version and with SSL it becomes a self-signed SSL. I want to make like Google is doing so what I type and IP address, the IP will be redirected to the SSL version of my site.

How could I do it?
Thanks

calport · February 23, 2021, 12:38am

This would be a nice-to-have feature. However Let’s Encrypt does not offer SSL certificates for bare IP addressses. See

You could buy a certificate from a CA which does support bare IP addresses and apply it to Virtualmin - that would give you the result you desire but it cannot be done for free via Let’s Encrypt, methinks.

Daniel_Server · February 23, 2021, 12:41am

@calport I’m just looking for a way to redirect the IP to the DNS. Maybe it could be solved throw the apache .htaccess file?

calport · February 23, 2021, 12:58am

If I have correctly understood what you wish to do, the answer is still no.

Only a Certifying Authority can issue a certificate which browsers will accept as valid, so no amount of redirects by us will result in the browser accepting a certificate that has not been issued by a CA for that domain / IP address.

If you want the lock symbol to show for an IP address in the web browsers of all visitors who visit your website via that IP address then you must get a certificate from a CA. I should also mention that if you want the lock symbol to show for an IP address for only a few visitors (e.g. intranet users in your workplace) then there are ways of achieving that without involving a CA or paying fees for the certificate.

Joe · February 23, 2021, 2:03am

You can redirect the http://ip.add.re.ss, but you cannot redirect https, because the connecting browser will throw errors.

You’re trying to do something you should not do. Stop using the IP for anything. The IP doesn’t matter. Never link to it, never give it to anyone as a way to reach you, just never use it. We have hostnames for a reason. Use them.

If you insist on doing it, you’ll have to buy a cert from someone that’ll issue one for an IP (I don’t know who will do this, since you’re unlikely to “own” your IP address). I have never wanted or needed to do this, however, so I can’t imagine what scenario you are in where it makes sense to do anything with the IP address.

system · March 7, 2021, 2:00am

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.