· security-updates  · 2 min read

Let's Encrypt Issues First-Ever IP Address Certificate

Let’s Encrypt has issued its first IP address certificate, expanding HTTPS access for users without domains and advancing secure internet infrastructure.

Let’s Encrypt Breaks New Ground, Issues First IP Address Certificate

Let’s Encrypt, the nonprofit certificate authority known for providing free SSL/TLS certificates to millions of websites, has officially issued its first-ever certificate for an IP address. This move, announced on July 1, 2025, marks a significant expansion of its services, catering to a long-standing request from the internet community.

For years, developers and system administrators have sought the ability to secure direct IP address connections, a feature offered by only a handful of certificate authorities. Now, Let’s Encrypt is stepping up to fill that gap.

Why Certify an IP Address?

While most of us interact with the internet using domain names like neerajlovecyber.com, every domain ultimately points to a numerical IP address (e.g., 54.215.62.21 or 2600:1f1c:446:4900::65). These addresses are what computers use to locate and communicate with each other.

Traditionally, SSL/TLS certificates have been tied to domain names. This works perfectly for most websites, but it leaves a gap for services that are accessed directly via their IP address. Without a certificate, these connections are unencrypted and vulnerable, often triggering browser security warnings.

Let’s Encrypt is addressing several key use cases with this new feature, including:

  • Securing Hosting Provider Default Pages: Prevents browser errors when a server’s IP is accessed directly.

  • Domainless Services: Allows users to secure a website or service without owning a domain name.

  • Infrastructure Security: Enhances security for services like DNS over HTTPS (DoH) and internal cloud connections.

  • Securing Home Devices: Provides a way to securely access network-attached storage (NAS) or IoT devices remotely.

How to Get an IP Address Certificate

The feature is currently available in Let’s Encrypt’s staging environment, with a full production rollout expected later in 2025.

However, there are a few important conditions. Due to the potentially dynamic nature of IP addresses, these certificates will be short-lived, valid for only about six days. This requires users to automate the renewal process. Furthermore, validation can only be done using the http-01 or tls-alpn-01 challenge methods; the DNS challenge method is not supported for IP addresses.

What’s Next?

Let’s Encrypt will gradually roll out this capability to all subscribers. This development is a significant step forward in making the internet a more secure place, ensuring that even connections without a fancy domain name can be encrypted and trusted. For now, interested users can begin testing in the staging environment and prepare for the full launch later this year.

Newsletter Signup

News Feed

Get the Hottest Cybersecurity News Delivered to You!

Share:
← Back to News

Related News

Discover more news articles that might interest you

APT36 Targets Indian Defense with BOSS Linux Malware

APT36 Targets Indian Defense with BOSS Linux Malware

CISA Urges Immediate Patch for PHPMailer Vulnerability

CISA Urges Immediate Patch for PHPMailer Vulnerability

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462 & CVE-2025-32463)

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462 & CVE-2025-32463)

Parrot OS 6.4 Released with Kernel 6.12, New Hacking Tools

Parrot OS 6.4 Released with Kernel 6.12, New Hacking Tools

Critical Linux Vulnerability Allows Secure Boot Bypass via Initramfs

Critical Linux Vulnerability Allows Secure Boot Bypass via Initramfs

Massive Browser Hijack: 2.3M Chrome & Edge Users Hit by Trojan Extensions

Massive Browser Hijack: 2.3M Chrome & Edge Users Hit by Trojan Extensions