A public IP address is an IPv4 or IPv6 address reachable from Internet.
SSL Certificate for IP addresses
The ultimate solution for easily protecting your public IP addresses.
The SSL Certificate for IP address encrypts connections directly to the public IP address (for example, https://1.1.1.1/). It provides the same level of encryption and security benefits as any other SSL Certificate and follows CA/Browser Forum guidelines.
With the SSL Certificate for IP Sectigo you can protect a public IP address.
Our IP SAN SSL Certificate protects both public IP addresses and fully qualified domain names (FQDN).
The IP SAN SSL Certificate protects 2 public IP addresses with a single certificate by default. Secures a maximum of 250 additional SANs on request.
The SAN (Subject Alternative Name) property of the IP SAN SSL Certificate makes it possible to purchase additional public IP addresses, subdomains of any level and also wildcard domains.
With no paperwork required, you will receive your IP SSL certificate within minutes.
from
SSL Certificates for IP Comparison
Get Strong Browser-Trusted SSL Certificate for IP addresses
Certificate Price | SSL Certificate for IP Sectigo /month | IP SAN SSL Certificate /month |
Validation Type | SSL Certificate for IP Sectigo DV (Issuance in minutes) | IP SAN SSL Certificate DV (Issuance in minutes) |
Number of protected addresses by default | SSL Certificate for IP Sectigo 1 address | IP SAN SSL Certificate 2 addresses |
SAN Support | SSL Certificate for IP Sectigo | IP SAN SSL Certificate |
Additional price for single SAN | SSL Certificate for IP Sectigo | IP SAN SSL Certificate /month |
Additional price for WildCard SAN | SSL Certificate for IP Sectigo | IP SAN SSL Certificate /month |
Buy SSL Certificate for IP Sectigo | Buy IP SAN SSL Certificate |
12 month
auto-renewing subscription.
The Best SSL for IP Address
Fast issuance
The IP SSL certificate is automatically issued within minutes with HTTP/HTTPS validation.
Secures multiple IP and domains
The IP SAN SSL Certificate includes 2 SANs by default. Secures a maximum of 248 additional SANs on request.
Visible safety
The IP SSL Certificate activates the secure padlock and the HTTPS secure site prefix in the browser address bar.
Strong Encryption
Maximum security with 2048 or 4096 bit RSA key, 256 or 512 bit SHA-2 encryption, with ECC support.
Trusted Root Certificate (WebTrust)
Compatible & trusted by all browsers, servers, and hosting providers that support SSL/TLS.
Easy Lifecycle Management
Control panel to generate, download, reissue, and renew your IP SSL certificate.
Expert Support
Full support for CSR generation, installation, and use of your IP SSL Certificate.
100% Money Back Guarantee
If you are not satisfied with your SSL Certificate, let us know within 15 days of issuance for a 100% refund.
Public IP SAN Certificate FAQs
An SSL Certificate can be issued to a public IP address. These are the requirements to get an IP SSL Certificate:
- Public IP addresses only.
- You must prove that you control the IP by hosting a .txt file containing a generated random string in a predetermined location on your site. These instructions will be provided to you after you submit your IP SSL order.
No. Starting in 2016, the CA/Browser Forum has prohibited the issuance of SSL Certificates for private/reserved IP and local server names with a non-public domain name.
Being a private IP address, it is not possible for trusted CAs to validate the authenticity of the IP address to issue a certificate. Because these reserved IP addresses and local (intranet) server names are not unique, they can be easily spoofed by attackers to perform man-in-the-middle attacks and gain unauthorized access to data.
You can easily and quickly purchase a IP SSL Certificate through our website by following these instructions:
1. Choose the certificate:
IMPORTANT:
Select your country, language and currency at the top of the page.
We accept payment in United States Dollar ($), Euro (€) and Brazilian Real (R$).
2. Choose Billing Cycle
Choose your multi-year plan.
For 2-year and longer plans, you'll need to request and install a free reissue each year. Industry policy limits public TLS/SSL certificates to 1 year maximum validity.
3. Configurable Options (IP SAN SSL Certificate)
By default, the IP SAN SSL Certificate protects up to 2 public IP addresses or fully qualified domain names. If you need to protect more addresses, please enter the quantity of SAN addresses.
The additional SAN address can be of type:
- SAN (simple): Used for public IP addresses or by an FQDN. Example: 123.456.789.10 or www.yourdomain.com .
- SAN WildCard: To protect unlimited subdomains of a domain (one level). Example: *.yourdomain.com .
4. Additional Information
Enter the IP address to be configured in the certificate. The second IP address and others, if contracted, can be entered when you start issuing the certificate.
5. Available Addons
SSL Certificate Installation Service: Our experts will generate the Certificate Sign Request (CSR) and install the SSL/TLS Certificate for you. Temporary access to your site's server and/or control panel is required. This service includes installation of a single certificate on a single server.
6. Review
Review the order and if you have a discount coupon, inform us at this time.
7. Checkout
If you are already a registered customer, please enter your email address and password. Otherwise, create a new account by entering your registration information and password. Select your payment method and complete your order!
The certificate will be available for issuance in your customer portal once payment has been confirmed.
For the SSL Certificate for IP Sectigo, generate the CSR by entering the IP address in the CN (Common Name) field.
For IP SAN SSL Certificate, the CSR must be generated leaving the CN (Common Name) field blank.
The addresses (IP or an FQDN) are added to the SAN property of the SSL certificate when you start issuing it.
Validation is done using HTTP Hash.
A certificate authority must be able to verify your control of the IP address through file authentication (you must upload a TXT file containing a generated random string on your website to be accessible over HTTP/HTTPS). For example:
Hash File: .well-known/pki-validation/783F6203ED5331A35ZDF4BA503F0E091.txt
Contents: Y821159AF31E86897D5C2F5EA547CC1D22724885F89680C5A161DAF11AC7445Z
For the validation to be completed, this file must be accessible via the Internet through its IP address, for example:
http://1.1.1.1/.well-known/pki-validation/783F6203ED5331A35ZDF4BA503F0E091.txt
or
https://1.1.1.1/.well-known/pki-validation/783F6203ED5331A35ZDF4BA503F0E091.txt
Depending on your system or web server, you may need a specific format of SSL/TLS certificate to complete your installation.
Once the issuance process is complete, the SSL/TLS Certificate is available in the most popular formats:
PEM
It is a file encrypted in Base64 format using ASCII characters. This is the most commonly used format for SSL/TLS certificates. Most web servers (e.g. Apache and Nginx) and Unix/Linux operating systems use this format.
The most common extensions for this format are .cer, .crt, .pem, or .key (for the private key).
You can also convert the SSL certificate to PFX (P12).
Yes, you have full control of your SSL certificate in the Customer Portal.
Once your payment has been confirmed, your SSL certificate will be ready for quick and easy issuance.
You can submit your CSR to start the SSL certificate issuance process.
Once issued, you will be able to download your SSL certificate in the format of your choice and reissue it free of charge during its period of validity.
All SSL certificates have an expiration date property that is set once they are issued and cannot be changed. Even if a SSL certificate is reissued, its expiration date remains the same.
Before your SSL certificate expires, you must renew it by purchasing and generating a new SSL certificate. Each time a new SSL certificate is generated, a new installation is required.
If your current SSL certificate was purchased from us, we will send you a renewal notice 10 days prior to the end of the subscription period.
Once the invoice is paid, the new SSL certificate is made available for management via the Customer Portal.
Even if you purchased your SSL certificate from another provider, you can renew it by simply purchasing a new SSL/TLS Certificate from us to replace the old one.
Remember that you must update the new SSL certificate keys on your web server each time a new SSL certificate is generated (new order, reissue, or renewal).
In this case, there is a problem with the SSL certificate or its installation. The SSL certificate may be self-signed (unreliable), expired, or issued to a different address than the one the browser is trying to access. There may also be a problem with the installation of the root and intermediate certificates.
Browsers display this message when one or more elements embedded in the page (images, CSS files, JavaScript components, etc.) are loaded via an insecure URL (http:// instead of https://) or with a URL that has an invalid certificate installed.
Here is some ways to solve the above problem:
Change all URLs to https. Open the problematic page and search for "http://" and change all elements references to "https://".
For example: <img src="https://www.yourdomain.com/image.gif" alt="example"/>
Note: If the image is downloaded or copied from another site that is not secured with SSL, this solution will not work.
- Make the links relative. To eliminate the problem, you can choose to change all links to "/" instead of making them "https", for example: <img src="/image.gif" alt="example"/>