Let’s Encrypt Now Supports SSL Certificates for IP Addresses
Let’s Encrypt Now Issues Certificates for Public IPs As of July 2025, Let’s Encrypt now supports issuing SSL certificates for public IP addresses (both IPv4 and IPv6) — no longer limited to domain names (CNAMEs). 👉 This is a major change, especially useful for: Self-hosted environments without DNS Testing or staging clusters Internal APIs or services running on direct IPs ✅ What This Changes No need to configure a domain name or CNAME just to enable HTTPS. Provisioning scripts and DevOps services can rely on encrypted public IPs. Let’s Encrypt still uses the ACME protocol, now with a new ipIdentifier validation. 🔐 Requirements The IP address must be public and directly reachable. You must use ACME v2 with a compatible client like certbot, acme.sh, or lego. This update makes it easier to secure ephemeral deployments, containers, and temporary VMs. A very welcome improvement for the open-source and DevOps communities. ...