SSL for local server with bare IP address

I was wondering if it is possible to safely use sensitive data on a local server (IP address: without SSL (installed NGINX to listen to port 80 instead of 443 and left out the nginx_ssl variables) or if there are other options to issue certificates or secure the server more without needing a DNS name, since Let’s Encrypt (which is used by nginx to issue certificates) can’t issue certificates for bare IP addresses.
Any input is appreciated. Thanks in advance!

Hi @cbass

I’ve cross posted your question to our Admin chat here You're invited to talk on Matrix

The community may reply here or there, and feel free to join the chat :slight_smile:

Heya @cbass. Yeah you have some options

  • no ssl, the easiest, will generate warnings when people enter passwords because it’s insecure
  • self-signed ssl certificate, will generate warnings in the browser because it’s self signed

It’s really up to you what’s appropriate. If your local network is controlled, no one can access the network without e.g. a wifi password, then you might be ok to skip SSL as you can trust the devices on your network. It’s not generally a good idea, but knowing about your specific case it might be fine and easier than dealing with everyone’s browsers not trusting a certificate.