The company i used to work for wanted to basically replicate what plex does with their certs for our IoT devices. Unfortunately the price implied by Digicert was far too high for a startup.
The other solutions proposed like abusing Lets Encrypt, etc never really seemed right. I am still not sure really what the best solution is for IoT devices that doesn't have an astronomical cost.
1. Use HTTP. It's not forbidden yet. I think it's the most compatible solution.
2. Use http://127.0.0.1. It seems that this is standards-compatible solution, but browser support is not good enough, so if you can dictate browser choice for your user, it's the best future-proof solution.
3. Use your server as a proxy. When your localhost application wants to talk to your site, it talks to server and server retransmits this data to the browser. Quite cumbersome solution IMO, but should work, unless you must be able to work offline.
The other solutions proposed like abusing Lets Encrypt, etc never really seemed right. I am still not sure really what the best solution is for IoT devices that doesn't have an astronomical cost.