I've implemented HTTPS for IoT devices in a way similar to how Plex did it. Basically every device got a cert for *.$MAC_ADDRESS.myiot.com and then the DNS for myiot.com would essentially bounce back 192_168_10_10.$MAC_ADDRESS.myiot.com to an A record for 192.168.10.10.
You needed to know the IP for the device still (in our case we still had a central service keeping track of it), but the principle works. For cheap IoT I guess the cost of the certs can be too large though; we couldn't use Let's Encrypt due to limits on the number of certs per domain.
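A sketch of the DNS side of the scheme described in the comment above, added here as an example and not the commenter's or Plex's code. It maps an IP-encoded name to its A record; the 12-hex-digit MAC label format and the policy of answering only for RFC 1918 addresses are assumptions made for this example.

```python
import ipaddress
import re

ZONE = "myiot.com"  # zone name taken from the comment
# Assumption: the MAC label is 12 lowercase hex digits without separators.
MAC_RE = re.compile(r"[0-9a-f]{12}")
# IP label as in the comment: four decimal octets joined by underscores.
IP_RE = re.compile(r"([0-9]{1,3})_([0-9]{1,3})_([0-9]{1,3})_([0-9]{1,3})")
# Assumed policy: answer only for private ranges, so names under the zone
# cannot be pointed at arbitrary public or loopback addresses.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def resolve_a(qname):
    """Return the IPv4 string to put in the A record, or None (NXDOMAIN)."""
    labels = qname.rstrip(".").lower().split(".")
    zone_labels = ZONE.split(".")
    # Expect exactly <ip-label>.<mac-label>.<zone>, which is what a
    # wildcard cert for *.<mac-label>.<zone> covers (one label deep).
    if len(labels) != len(zone_labels) + 2 or labels[2:] != zone_labels:
        return None
    ip_label, mac_label = labels[0], labels[1]
    if not MAC_RE.fullmatch(mac_label):
        return None
    match = IP_RE.fullmatch(ip_label)
    if not match:
        return None
    octets = match.groups()
    # Reject leading zeros ("010") so each address has one canonical name.
    if any(len(o) > 1 and o[0] == "0" for o in octets):
        return None
    try:
        addr = ipaddress.IPv4Address(".".join(octets))
    except ipaddress.AddressValueError:
        return None  # an octet above 255
    if not any(addr in net for net in PRIVATE_NETS):
        return None
    return str(addr)


if __name__ == "__main__":
    # Constructed sample queries; the MAC value is made up.
    for q in ("192_168_10_10.aabbccddeeff.myiot.com",
              "8_8_8_8.aabbccddeeff.myiot.com",
              "192_168_10_999.aabbccddeeff.myiot.com"):
        print(q, "->", resolve_a(q))
```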