diff --git a/charts/pulsar/templates/_certs.tpl b/charts/pulsar/templates/_certs.tpl
index 4240b608..ae3ae969 100644
--- a/charts/pulsar/templates/_certs.tpl
+++ b/charts/pulsar/templates/_certs.tpl
@@ -104,6 +104,10 @@ spec:
 {{- end }}
     - {{ printf "*.%s-%s.%s.svc.%s" (include "pulsar.fullname" .root) .componentConfig.component (include "pulsar.namespace" .root) .root.Values.clusterDomain | quote }}
     - {{ printf "%s-%s" (include "pulsar.fullname" .root) .componentConfig.component | quote }}
+{{- if .tlsConfig.ipAddresses }}
+  ipAddresses:
+{{ toYaml .tlsConfig.ipAddresses | indent 4 }}
+{{- end }}
   # Issuer references are always required.
   issuerRef:
     name: "{{ template "pulsar.certs.issuers.ca.name" .root }}"
diff --git a/charts/pulsar/values.yaml b/charts/pulsar/values.yaml
index 95f1f73d..4a578b51 100755
--- a/charts/pulsar/values.yaml
+++ b/charts/pulsar/values.yaml
@@ -248,6 +248,10 @@ tls:
     # The dnsNames field specifies a list of Subject Alternative Names to be associated with the certificate.
     dnsNames:
     # - example.com
+    # The ipAddresses fields specifies a list of IP addresses to include as SANs in the certificate.
+    # Useful for internal cluster communication or when DNS names are unavailable.
+    ipAddresses:
+    # - 10.84.12.9
     cacerts:
       enabled: false
       certs:
@@ -262,6 +266,10 @@ tls:
     # The dnsNames field specifies a list of Subject Alternative Names to be associated with the certificate.
     dnsNames:
     # - example.com
+    # The ipAddresses fields specifies a list of IP addresses to include as SANs in the certificate.
+    # Useful for internal cluster communication or when DNS names are unavailable.
+    ipAddresses:
+    # - 10.84.12.11
     cacerts:
       enabled: false
       certs: