Nope, certificates are issued for CNs(Common Name), also known as FQDNs (Fully qualified domain names). Something such as *.google.com, not IP addresses.
If they were issued for IP addresses they would have to reissue the certificate every time they spun up a new server. Also it's why if you spin up another server and make DNS point google.com to that server, it would not pass verification since the certificate you will be using on that server is not issued to *.google.com, but rather some other domain you own. The IP address plays no role in certificates.
baobabKoodaa|1 year ago
echoangle|1 year ago
bufferoverflow|1 year ago
And without DNS pointing google.com to that IP address, it's pretty useless.
zer0x4d|1 year ago
If they were issued for IP addresses they would have to reissue the certificate every time they spun up a new server. Also it's why if you spin up another server and make DNS point google.com to that server, it would not pass verification since the certificate you will be using on that server is not issued to *.google.com, but rather some other domain you own. The IP address plays no role in certificates.
echoangle|1 year ago
On the internet itself maybe, but you can still MITM people on some network, right?
unknown|1 year ago
[deleted]