
For which type of SSL certificate do you need a dedicated IP address?


Hey out there to whoever is reading.

I have a question and it is regarding a UNI question which I can't seem to find the answer to when researching, so I thought I'd come to the experts of the web.

The question I'm asked is: 3. For which type of SSL certificate do you need a dedicated IP address?

I understand if asking for help with uni is against terms and conditions as I know some websites don't allow it. (But no harm in trying yeah?)

Thank you to anyone who helps


Solution

  • For which type of SSL certificate do you need a dedicated IP address?

    The context of the question is unknown and it is unknown what "type" of SSL certificate actually means in this unknown context. This could be domain validated vs. extended validated or it could be X.509v1 vs X.509v3 or even other things. But, I'll try to explain the underlying concepts so that you should hopefully be able to come up with an answer yourself.

    Validation of the certificate includes checking the target hostname (from the URL in case of HTTPS) against the subjects of the certificate. These subjects can be given as subject alternative names and/or as common name. Commonly none of these subjects has an IP address which means that commonly no fixed IP address is needed for a server using this certificate - all that is needed is that the server is actually reachable by the given hostname (i.e. DNS is properly set up) and that the client is using this hostname to connect to the server (instead of using the IP address only).

    But it is possible to also include IP addresses as subject of the certificate. This is uncommon and no public CA (as found as trust anchor in the browser) will issue such a certificate any longer but a private CA might do it. The validation is similar to the hostname, i.e. the client has to use the IP address in the URL to access the site and check that the IP address used matches any of the IP addresses given as subject in the certificate. Having a fixed IP will help in this case but actually the only requirement is that the IP address the client uses is included as any of the possibly many subjects in the certificate. This means that the server might actually be reachable by different IP addresses as long as all of these are included as subject in the certificate.
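
The subject check described in the answer above, as an added example that is not part of the original answer: it compares the name the client connected to against the subject alternative names of a certificate in the dict form returned by Python's `ssl.SSLSocket.getpeercert()`. The two certificates are constructed samples, the function names are hypothetical, and the common name fallback is left out as an assumption of this sketch.

```python
import ipaddress

# Constructed sample certificates in the dict shape returned by
# ssl.SSLSocket.getpeercert(); names and addresses are documentation values.
CERT_DNS_ONLY = {"subjectAltName": (("DNS", "www.example.com"),
                                    ("DNS", "*.api.example.com"))}
CERT_WITH_IPS = {"subjectAltName": (("DNS", "intranet.example.com"),
                                    ("IP Address", "192.0.2.10"),
                                    ("IP Address", "2001:db8::10"))}


def _as_ip(value):
    """Return an ip_address object if value is an IP literal, else None."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None


def _dns_match(pattern, hostname):
    """Case-insensitive match; '*' is accepted only as the whole left-most label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        return len(p_labels) > 2 and bool(h_labels[0]) and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_matches(cert, target):
    """Check the name the client connected to against the certificate's SANs.

    An IP literal is compared only with 'IP Address' entries and a hostname
    only with 'DNS' entries, so the address the server listens on plays no
    part unless the client used that address as the target.
    """
    sans = cert.get("subjectAltName", ())
    ip = _as_ip(target)
    if ip is not None:
        return any(kind == "IP Address" and _as_ip(value) == ip for kind, value in sans)
    return any(kind == "DNS" and _dns_match(value, target) for kind, value in sans)


if __name__ == "__main__":
    for cert, target in [(CERT_DNS_ONLY, "www.example.com"), (CERT_DNS_ONLY, "192.0.2.10"),
                         (CERT_WITH_IPS, "192.0.2.10"), (CERT_WITH_IPS, "192.0.2.11")]:
        print(target, cert_matches(cert, target))
```

The hostname-only certificate validates wherever DNS points the name, while the second certificate validates for a client connecting by address only when that exact address is one of its listed subjects.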