10

I know we can secure domains like "https://www.abcdef.com" and get the url to appear in green indicating it's secure.

But is it possible to get a valid SSL certificate for a URL like "https://10.111.121.240:3000"? If yes, how?

Currently, I am using https://10.111.121.240:3000, but the https in the URL is struck out and shown as unsecured. So I cannot get data in the iOS/Android emulator/simulator.

Chetan
  • 2
    For a private IP address you will only be able to use a self-signed certificate or a local private CA; no public CA will sign this. Also, you will get more problems than anything else (HTTPS is not supposed to work like that even if it can technically work; with SNI you have mass virtual hosting with names now). Just put the IP in `/etc/hosts` with whatever name and get a certificate for that name instead. – Patrick Mevzek Oct 10 '18 at 15:22

4 Answers

1

As a general rule, NO.

CAs do not issue certificates for IP addresses. As of October 2018, all certificates that were issued for IP addresses were revoked.

Of course as @Dana mentioned you might get a certificate, but it's not going to be cheap.

Orestis Zekai
  • I don't believe this. Although 8.8.8.8 (google) might be a special case, 1.1.1.1 (cloudflare) had [this validly logged cert](https://crt.sh/?id=1157893001&opt=ocsp) in 2019-07 and it was never revoked (although it has been replaced for other reasons, and is about to expire in 2021-02). CABforum did require revoking all certs for **Reserved** (non-public) addresses in **2016** (not 2018). – dave_thompson_085 Jan 23 '21 at 07:20
1

Although this is a very old familiar question, here are my two cents.

Since you mentioned a port along with the IP: certificates cannot be issued for such a combination, like IP:port. But if you ask for 10.111.121.240 alone, I mean the IPv4 public address (don't include the port), then it is absolutely possible.

Now, there are some services like ZEROSSL which offer free SSL certificates valid for 3 months. For SSL issuance, what you need is to either provide your domain name or just the public IP. Of course, not all CAs allow this. Example: Let's Encrypt will only allow FQDNs for providing SSL certs.

To verify the certificate installation by the CAs, there are two ways to verify: 1. providing a CNAME etc. 2. doing an HTTP file upload verification.

That's it. Now here is some extra information if you are interested.

I tried to host a website on my own server. To do that I first needed a public IPv4. Getting a public IPv4 from my ISP was not possible because the subscription I had is for cellular service. So by default port forwarding is not allowed. So the best way to overcome this is to use a VPN, because the VPN encryption breaks all the restrictions put in place by the ISP. Now, I searched for a free VPN service which allows port forwarding. portmap.io is one such service. The only catch is that they issue a specific port only for your account, and ask you to map that port to your local machine port. Finally I succeeded in hosting my own website on my mobile using the Termux app (Python module) + portmap VPN.

Stage 2: Get an SSL certificate for this portmap VPN URL. The URL looks similar to what you mentioned: 193.22.202.29:1176 or something. As I already said, SSL for this URL is not possible. If I remove the port, then that's the portmap company's public IP. File upload verification by the CA won't work.

Stage 3: Trashed all the above and simply went for an AWS EC2 instance on the free tier. Used an apache2 server in it and used the instance's public IP to verify my SSL certificate by ZEROSSL.

Thinker-101
0

A normal SSL certificate is issued only for Fully Qualified Domain Names (FQDN), but if you want to get an SSL certificate for a public IP address, then it is possible as per this resource.

Dana
0

It's possible and it will work.

The only trade-off is that you have to access the system always via the IP address. If you access the system using its FQDN, the browser will show the resource as insecure since the certificate contains CN=< IP >, instead of CN=< FQDN >.

This answer contains more information.

Filipe dos Santos
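The "local private CA" route from the comment on the question and the IP-versus-FQDN mismatch from the last answer, shown with the `openssl` CLI. This is an added example, not code from any poster in the thread; the CA name, the `dev-api` subject, the 30-day lifetime and the function names are assumptions, and only the address 10.111.121.240 comes from the question.

```shell
#!/bin/sh
# Added example: private dev CA plus a server certificate whose
# subjectAltName is an IP address. All names here are hypothetical.

# make_ip_cert DIR IP: writes ca.crt/ca.key and server.crt/server.key into DIR.
make_ip_cert() {
    dir=$1 ip=$2
    # Extension files: the CA may sign certificates, the leaf may not and
    # names only the IP address. A port never appears in a certificate.
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$dir/ca.ext"
    printf 'basicConstraints=CA:FALSE\nsubjectAltName=IP:%s\n' "$ip" > "$dir/leaf.ext"

    # 1. Private root CA. ca.crt is what gets imported into the emulator or
    #    device trust store; ca.key stays on the machine that signs.
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Example Dev Root CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.csr" 2>/dev/null
    openssl x509 -req -in "$dir/ca.csr" -signkey "$dir/ca.key" -days 30 \
        -extfile "$dir/ca.ext" -out "$dir/ca.crt" 2>/dev/null

    # 2. Server key and signing request.
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=dev-api" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null

    # 3. Leaf certificate signed by the private CA, carrying the IP SAN.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 30 -extfile "$dir/leaf.ext" -out "$dir/server.crt" 2>/dev/null
}

# Checks a client performs: chain to a trusted CA, then identity match.
chain_ok() { openssl verify -CAfile "$1/ca.crt" "$1/server.crt" >/dev/null 2>&1; }
ip_ok()    { openssl x509 -in "$1/server.crt" -noout -checkip "$2" 2>&1 | grep -q 'does match'; }
host_ok()  { openssl x509 -in "$1/server.crt" -noout -checkhost "$2" 2>&1 | grep -q 'does match'; }

d=$(mktemp -d) && make_ip_cert "$d" 10.111.121.240
chain_ok "$d" && ip_ok "$d" 10.111.121.240 &&
    echo "trusted for https://10.111.121.240 on any port, once ca.crt is installed"
host_ok "$d" www.abcdef.com ||
    echo "rejected when the same server is reached by name instead of IP"
```

The server is then configured with `server.crt` and `server.key`, and each client that should trust it needs `ca.crt` in its trust store.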