Connection "not secure" in browser address bar [closed]

There is a website https://ccie.pl. It prompts "not secure" connection while using site IP address but everything works correctly for domain name. What is the most likely reason for this behavior ? Is it related to NGINX/Apache WebServer configuration or is it problem in configuration of DNS records or perhaps the cause should be looked for somewhere else ?

How could it be fixed from a site administrator point of view ?


Solution 1:

A certificate is valid for only the subjects it contains. Your certificate contains the DNS name "ccie.pl", but not the IP address "188.68.255.142", so it is invalid for the latter.

To my knowledge, Let's Encrypt will not issue certificates for IP addresses. Not that it is a big deal IMO, as users probably use the domain name anyway (no one likes to remember an IP address, not even an IPv4 one).

If you want to make a certificate valid for the IP address, you'll have to look for a CA who does issue certificates for IPs.