SSL certificate for IP address only

[DynamicArray]

I'm running LetsEncrypt certificates on my virtual hosts, because all have domains.

However, PCI scanning makes IP address requests as well, and these fail because there is no valid SSL on the IP address alone.

Since LetsEncrypt doesn't support IP address in its certs, how can I resolve this?

For clarity the PCI scanning requests are coming in on https:/X.X.X.X:443

 

[Cold-Egg]

I don't think Let's Encrypt supports IP certificates. Maybe you can use a self-signed certificate?

 

[DynamicArray]

I have a certificate - from zeroSSL - it's how it install it that I'm not clear.

I have domain-based certs on an https listener (port 443). Since I can't add another listener for that port, I'm thinking I need to have multiple certs, but am unclear how to achieve that.

 

[Cold-Egg]

If you have a virtual host for that IP, then you can add the cert to the virtual host > SSL.
See https://docs.openlitespeed.org/configuration#set-up-ssl-for-virtual-hosts

 

[DynamicArray]

But, how do I set up a virtual host for the IP? Just put the IP address in the domain setting?