Free application and installation of ip ssl security certificate ZeroSSL: So what if you don’t have a domain name? Pure IP can also be accessed using HTTPS

This article table of contents show 1. ZeroSSL certificate application 1.1. Apply manually 1.2. Verify domain name 2. ZeroSSL certificate installation 2.1. Download certificate file 2.2. Merge SSL certificates 2.3. Install SSL certificate 3. Summarize 3.1. Reference link

Generally speaking, we use domain name access to add an SSL certificate to the domain name. It is a routine operation for building a website. However, some applications may not need to use domain name access, or do not want to bind a domain name, but just want to use a simple IP to implement it. access. In the current context where the entire network is accessed via HTTPS encryption, is it possible to add an SSL certificate to the IP address to achieve access?

Yes. But most IP-facing SSL certificates come with a fee. ZeroSSL provides free SSL certificates ^[1] that support pure IP issuance. This article will share zeroSSL ^[2] free pure IP SSL certificate application and how to Install and configure zeroSSL free SSL certificate on your own server (Nginx). For more free SSL, please refer to the special page: Collection and summary of free SSL certificates ^[3].

ZeroSSL certificate application

Website: https://zerossl.com^[4]

Manual application

Go to the ZeroSSL^[5] official website, register an account, and click on Free SSL Certificate Application.

Fill in your IP address and select the free SSL certificate duration.

Select to automatically generate a CSR.

Verify domain name

ZeroSSL free SSL certificate provides two domain name verification methods. The simplest is Web verification, but the premise is that you want your IP address to achieve Web access. If not, you can choose to add TXT record verification using domain name DNS.

If you choose website Web access, directly download the verification file, and then upload it to the default Web directory of the IP address. The requirement is that the path remains as follows:

Open the IP in your browser and make sure you can access the verification file.

Finally, return to the ZeroSSL verification page and click Complete Verification.

ZeroSSL certificate installation

Download certificate file

After the ZeroSSL certificate verification is successful, you can download the certificate file. ZeroSSL SSL certificate ^[6] provides a variety of forms, including Nginx, Apache, etc.

Here we take Nginx as an example. There are three ZeroSSL certificate files downloaded: ca_bundle.crt and certificate.crt as well as the private key key.

Merge SSL certificates

For Nginx server, you need to merge ca_bundle.crt and certificate.crt by opening certificate.crt, then copy and paste the contents of ca_bundle.crt at the end.

Install SSL certificate

If you are using the Pagoda panel, you can click to install the SSL certificate directly in the background, and then upload and save the certificate and key files separately.

If you are using the Oneinstack one-click package ^[7] and the LNMP one-click installation package ^[8], you need to open your Nginx configuration file (not the domain name Nginx configuration file), refer to the following format modification, be careful to change the path of the SSL certificate to your own:

server { listen 443 ssl http2; #listen [::]:443 ssl http2; server_name _; index index.html index.htm index.php; root /home/wwwroot/default; ssl_certificate /usr/local/nginx/conf/ssl/ipssl/wzfouip.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/ipssl/wzfouip.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM- SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5"; ssl_session_cache builtin:1000 shared:SSL:10m; # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048 ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem; access_log /home/wwwlogs/access.log; }

After installing the certificate, remember to execute: nginx -t once to check if there are any syntax errors. If not, restart Nginx directly to complete the SSL certificate installation. Open the IP address and you can see that the IP SSL certificate has been successfully installed.

Summary

As of now, there is no good tool to automatically renew the pure IP ZeroSSL free SSL certificate ^[9]. A developer on Github has written a tool using golang to update: https://github.com/tinkernels/zerossl-ip-cert, but it is not easy to operate, so the easier way is to apply for renewal manually.

The easier way is to apply for renewal manually.

Reference link

[1]Free SSL certificate: https://wzfou.com/tag/mianfei-ssl/[2]zeroSSL: https://wzfou.com/tag/zerossl/[3]Free SSL certificate collection and summary : https://wzfou.com/mianfei-ssl/[4]https://zerossl.com: https://wzfou.com/go/zerossl[5]ZeroSSL: https://wzfou.com/tag/ zerossl/[6]ZeroSSL SSL certificate: https://wzfou.com/tag/zerossl-ssl-crt/[7]Oneinstack one-click package: https://wzfou.com/oneinstack/[8]LNMP one-click installation Package: https://wzfou.com/tag/lnmp-yzb/[9]ZeroSSL Free SSL Certificate: https://wzfou.com/tag/zerossl-mianfei-ssl/

Original link: https://wzfou.com/zerossl-mianfei-ip-ssl/

Recommended site search: dynamic ip server, dynamic ip and static ip, registered website, overseas server, hosting, what is a domain name server, US host ranking, expired registered domain name query, anti-complaint vps host, how to query domain name registration number ,