FAQ

Do I have to pay to use this service?

No, it's free.

Can I use this certificate on my commerce website?

Although there's no technical reason why you couldn't use the sslip.io SSL key and certificate for your commerce web, we strongly recommend against it: the key is publicly available; your traffic isn't secure. sslip.io's primary purpose is to assist developers who need to test against valid SSL certs, not to safeguard content.

What is the sslip.io certificate chain?

The sslip.io certificate chain looks like the following:

Note that the "root" certificate is "AddTrust's External CA Root", which issued a certificate to the "COMODO RSA Certification Authority", which in turn issued a certificate to the "COMODO RSA Domain Validation Secure Server CA" which in turn issued our certificate, "*.sslip.io".

My webserver wants a certificate and an "intermediate certificate chain"—where do I get that?

Certain web servers (e.g. Tenable's Nessus scanner) prefer to split the chained certificate file (which has three concatenated certificates) into two files: one file containing a single certificate for the server itself (e.g. the "*.sslip.io" certificate), and a second file containing the intermediate certificate authorities (e.g. the two COMODO certificate authorities).

You can split the chained certificate file by hand, or you can download them, pre-split, from GitHub:

• the server certificate ("*.sslip.io")
• the intermedicate certificate chain (the COMODO CAs)

certificates (certificates of the Intermediate Certificate Authorities), they prefer for those certificates to be placed in a separate file. You can find the isolated which can consist of one

Why can't I use dots in my hostname? xip.io lets me use dots.

Do I have to use the sslip.io domain? I'd rather have a valid cert for my domain.

If you want valid SSL certificate, and you don't want to use the sslip.io domain, then you'll need to purchase a certificate for your domain. We purchased ours from Cheap SSL Shop, but use a vendor with whom you're comfortable.

What does the certificate chain look like?

Do you have support for IPv6-style addresses?

Why did you choose a 4096-bit key instead of a 2048-bit key?

Where do I report bugs? I think I found one.

© 2015 Brian Cunnie, Pivotal Software