diff --git a/tribes/services/lego.scm b/tribes/services/lego.scm
index b84b76d..0bd7676 100644
--- a/tribes/services/lego.scm
+++ b/tribes/services/lego.scm
@@ -86,6 +86,14 @@
       (string-append "IP:" subject)
       (string-append "DNS:" subject)))
 
+(define (ip-subject? subject)
+  (and (not (string-any char-alphabetic? subject))
+       (string-any (lambda (chr)
+                     (or (char-numeric? chr)
+                         (char=? chr #\.)
+                         (char=? chr #\:)))
+                   subject)))
+
 (define (certificate-key-name certificate)
   (string-map (lambda (chr)
                 (if (char=? chr #\*)
@@ -121,6 +129,9 @@
      (if server
          (list "--server" server)
          '())
+     (if (any ip-subject? subjects)
+         (list "--disable-cn")
+         '())
      (list "--key-type" key-type)
      (append-map (lambda (subject)
                    (list "-d" subject))