Let’s Encrypt Now Supports SSL Certificates for IP Addresses

Let’s Encrypt Now Issues Certificates for Public IPs

As of July 2025, Let’s Encrypt now supports issuing SSL certificates for public IP addresses (both IPv4 and IPv6) — no longer limited to domain names (CNAMEs).

👉 This is a major change, especially useful for:

Self-hosted environments without DNS
Testing or staging clusters
Internal APIs or services running on direct IPs

✅ What This Changes

No need to configure a domain name or CNAME just to enable HTTPS.
Provisioning scripts and DevOps services can rely on encrypted public IPs.
Let’s Encrypt still uses the ACME protocol, now with a new ipIdentifier validation.

🔐 Requirements

The IP address must be public and directly reachable.
You must use ACME v2 with a compatible client like certbot, acme.sh, or lego.

This update makes it easier to secure ephemeral deployments, containers, and temporary VMs.
A very welcome improvement for the open-source and DevOps communities.

Links:

https://letsencrypt.org/2025/07/01/issuing-our-first-ip-address-certificate/

202507141614

Let’s Encrypt Now Issues Certificates for Public IPs¶

✅ What This Changes¶

🔐 Requirements¶

Links:¶

Let’s Encrypt Now Issues Certificates for Public IPs

✅ What This Changes

🔐 Requirements

Links: