An interesting discovery about Dreamhost.

11 December 2017

dreamhost ip addresses lets encrypt ssl undocumented web hosting

As you may or may not be aware, I've been a customer of Dreamhost for many years now (if you want to give them a try, here's my referral link).  Both professionally and personally, I've been hosting stuff with them without many complaints (their grousing about my websites being too large is entirely reasonable given that I'm on their shared hosting plan).  Something always got me about their SSL support, though, was that you had to buy a unique IP address from them if you wanted to use it.  That cost a pretty penny, almost as much as I pay every year for hosting service.  After all, there's the SNI protocol which essentially lets you put SSL on multiple websites hosted at the same IP address.  It's been around since 2006 and has been supported by Apache since v2.2.12 so there wasn't any real reason to not offer it.  On the other hand, though, IPv4 addresses are getting pretty thin on the ground so paying for the privilege so I could have SSL on my website was worth it.  Plus, Dreamhost has to sell services to stay in business, and sometimes that means paying for perks as much as you or I might be annoyed by it.

A couple of years ago Dreamhost started offering free SSL certificates through their partnership with the Let's Encrypt project if you were a customer.  The idea is that you could click a couple of buttons in their control panel and they'd hook you up with an automatically renewing SSL cert for your website.  So, of course I jumped at the opportunity because I got tired of the self-signed certificate errors everybody was getting.  Comes with the territory.

Last weekend, for whatever reason I got it in my head to e-mail customer support and ask them if I had to keep paying for a unique IP address if I was using a Let's Encrypt certificate on my website.  I use acme-tiny to maintain the certs on my servers (I should write up how I do that one of these days), so... I figured the worst they could do was say "No."

As it turns out, if you use Let's Encrypt on Dreamhost, you do not have to keep paying for a unique IP address.  It's safe to go into your control panel, click that tiny little 'x' button, and save yourself some money every year.  I did so earlier today (about a week ago, as you'll reckon it) and everything seems copacetic.  This also means it's safe to turn on SSL for every site you have there, and it won't cost you any more money.  Though it would be good to donate to the Let's Encrypt project to support their work.

back to top