IP Address

All Business Validation Certificate Authorities Changes Code Signing Configuration CPAC CSR Code CSR Decoder CSR Generation Tutorials CSR Generator DigiCert Domain Validation Extended Validation General Install SSL Certificates Installation IP Address LEI Multi Domain Payments Private Key Renewal S/MIME Types Updates Wildcard
Can I secure an IP address with an SSL Certificate?

Yes, you can secure an IP address with an SSL Certificate. However, only some specific SSL Certificates will allow you to do that. Here are those SSL Certificates:

– Sectigo InstantSSL Premium
– GoGetSSL Public IP SAN

Please note that the Sectigo InstantSSL Premium is a Business Validation SSL Certificate, which means that you need to have a registered company in order to be issued this SSL certificate.

GeGetSSL Public IP SAN is a Domain Validation SSL Certificate which secures 2 IP addresses by default.

Copy Link

How to validate an IP address on a router

If your router has a public IP address, you can still validate that IP address.

HTTP/HTTPS validation is the only method available for IP address validation. The HTTP/HTTPS validation method consists of adding a TXT file on your IP address and having Sectigo scan that IP address and validate it. There is no way to upload a TXT file on your router. The solution to get the IP address validated is to reroute the IP address to a server, put the TXT file on that server, pass the IP validation, and then reroute the IP addresses back to the router.

You can read more information on what the TXT file should include and where to upload it in the following FAQ item: https://www.ssldragon.com/faq/pass-validation-public-ip-address-ssl-certificate/

 

Copy Link

How to pass the IP validation for a public IP address?

Certain SSL Certificates allow you to secure an IP address, only if it is a public IP address. The validation process for IP addresses is similar to validating a domain name, but it has its particularities. That is why we encourage you to follow the guidelines below.

GoGetSSL

STEP 1. First of all, you have to configure your SSL Certificate by filling in the configuration form inside your SSL Dragon account.

Important! When configuring your certificate, you will be asked to generate a CSR with NO Common Name. Here is how to do it.

STEP 2. Mention your IP address / IP addresses in the SANs field.

If you have just 1 IP address, just insert it in the SANs field, with no extra spaces or characters, e.g.:

123.34.34.234

If you have 2 or more IP addresses (if you purchased additional SANs), insert your IP address list in the SANs field, with each IP address space-separated, e.g.:

123.34.34.234
124.34.24.234

Important! This step is mandatory. Since the CSR has no IP address included in its fields, it’s important to mention your IP address / IP addresses in the SANs field. Otherwise, if you leave the SANs field blank, the SSL Certificate won’t be further configured and you’ll see an error message.

NOTE: if you need to secure an IP address and a domain name, GoGetSSL PublicIP SAN allows you to do that, but it needs manual configuration. Please open a ticket with us, send us the CSR (with No Common Name), the IP address, and the domain name. We’ll configure the SSL manually and provide you the instructions for further validation.

STEP 3. Once your certificate is configured, you have to prove the ownership or right to use that IP address. To do that, you have to pass the HTTP/HTTPS validation for your SSL Certificate. Email or DNS validation are not available for IP validation. To pass the HTTP/HTTPS validation, you have to create a .TXT file that contains the validation code provided on the “Content” field on the details page of your SSL Certificate page. The “Content” that you have to add to the .TXT file looks similar to this:

38622319C755B5952FA4CD590655F05000C4951C2EF07BFFCB2BBA23623BE9D6
COMODOCA.COM
t0520161001553133275

Then you have to upload the TXT file at a location on your server that looks like this:
http://127.0.0.1/.well-known/pki-validation/B34037F1D9BFE9F5936AFEA9798174AB.txt

127.0.0.1 should be replaced by the IP address that you are trying to validate. You can read the information on how to create the .well-known folder at this link: https://www.ssldragon.com/faq/create-well-known-folder/

Make sure that you can access this file and link from any web browser. Inform us when you uploaded the attached TXT file on your server so that we could run a scan of your website and look particularly for this file at this given link.

If you follow these steps exactly, you will get your IP address validated successfully.

NOTE: If you have a router to secure instead of a server, there is no way to upload the TXT file on your router. The solution to getting the IP addresses validated is to reroute the IP address to a server, put the TXT file on that server, pass the IP validation, and then reroute the IP address back to the router.

Sectigo

STEP 1. First of all, you have to configure your SSL Certificate by filling in the configuration form inside your SSL Dragon account. When configuring your certificate, you will be asked to generate a CSR or enter an existing CSR.

Please make sure you include your IP address as a “common name” (domain/IP that you want to secure) in your CSR.

STEP 2. Once your certificate is configured, you have to prove the ownership or right to use that IP address. To do that, you have to pass the HTTP/HTTPS validation for your SSL Certificate. Email or DNS validation are not available for IP validation. To pass the HTTP/HTTPS validation, you have to create a .TXT file that contains the validation code provided on the “Content” field on the details page of your SSL Certificate page. The “Content” that you have to add to the .TXT file looks similar to this:

38622319C755B5952FA4CD590655F05000C4951C2EF07BFFCB2BBA23623BE9D6
COMODOCA.COM
t0520161001553133275

Then you have to upload the TXT file at a location on your server that looks like this:
http://127.0.0.1/.well-known/pki-validation/B34037F1D9BFE9F5936AFEA9798174AB.txt

127.0.0.1 should be replaced by the IP address that you are trying to validate. You can read the information on how to create the .well-known folder at this link: https://www.ssldragon.com/faq/create-well-known-folder/

Make sure that you can access this file and link from any web browser. Inform us when you uploaded the attached TXT file on your server so that we could run a scan of your website and look particularly for this file at this given link.

If you follow these steps exactly, you will get your IP address validated successfully.

NOTE: If you have a router to secure instead of a server, there is no way to upload the TXT file on your router. The solution to getting the IP addresses validated is to reroute the IP address to a server, put the TXT file on that server, pass the IP validation, and then reroute the IP address back to the router.

STEP 3. The last step towards getting the SSL Certificate for your IP address is to pass the Business Validation. You can find detailed instructions on how to do that at this link: https://www.ssldragon.com/faq/how-to-pass-the-business-validation-for-my-ssl-certificate/

Copy Link