Let's Encrypt is rolling out the capability soon to issue certificates with SAN of type iPAddress. More info here:
https://letsencrypt.org/2025/01/16/6-day-and-ip-certs/ https://letsencrypt.org/2025/01/09/acme-profiles/ Whether this is wonderful or a terrible, bonkers idea is irrelevant here. I'm trying to assess if the capability to issue these types of certs exists within the capabilities of acme-client(1). It appears to require the ability to select a "profile" during the ACME request to enforce a short-lived certificate. Furthermore, acme-client(1) is architected around "domains" - which a cert lacking a Common Name, Subject, and only an iPAddress SAN is at odds with. A quick scan through the man pages and source code, my initial assessment is "no" - though someone please correct me if I'm missing something. Regards Lloyd
