Optional SAN IP field in CVP Certificate
ZTP boot can be done without specifying the SAN IP in the certificate’s field. If the certificate is issued by a public CA without a SAN IP, it will require us to use CVP’s FQDN to set up a secure connection. Using an IP address you can set up a secure connection with CVP, because the ZTP app now resolves the DNS name to the correct IP address. Although the SAN IP field in the certificate is now optional, DNS is still mandatory.