答案是不能的,但是可以另辟蹊径,让每一个IP都拥有证书,在这里特别感谢搬瓦工,知道的人不需要往下看了.
先看看,我这里有个机,他的配置如下:
root@debian:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
link/ether 00:16:3c:e4:5d:d1 brd ff:ff:ff:ff:ff:ff
altname enp0s3
inet 203.28.238.79/24 brd 203.28.238.255 scope global ens3
valid_lft forever preferred_lft forever
inet6 2406:3a00:10::2/48 scope global
valid_lft forever preferred_lft forever
inet6 fe80::216:3cff:fee4:5dd1/64 scope link
valid_lft forever preferred_lft forever
显然不是搬瓦工的,把IP地址换成域名,转换规则如下:
- 203.28.238.79 => 203.28.238.79.16clouds.com
- 2406:3a00:10::2 => 2406:3a00:0010:0000:0000:0000:0000:0002 =>2406-3a00-0010-0000-0000-0000-0000-0002.16clouds.com
对,这两个域名对应就是IP,看到没,以http-01方法申请成功.
当然,IPv6的也没问题.
没太看明白,这是个n级域名而已。和ip ssl有啥关系咧??
免费的ip证书还是有的,https://www.trustocean.com 有宝塔自动续期插件