Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
PHP Error Log: authz_core:error - For files that don't exists on my server Question Question
How to make web service unavailable. As I develop this application, I'd rather not be burning up CPU or access time when not logged in. Question Question

Question

How to add an Lets encrypt certificate dynamically using CNAME verification?

Posted February 22, 2020 2.4k views
MySQLApachePHPSecurityUbuntu 18.04

I have been working on a web app where users can create custom profiles of them and see it on their custom domain by adding an A record and CNAME record. If they have their profile on https://webapp.com/profile they can connect it with https://usercustomdomain.com/.

I’ve figured how to display the profile to the custom domain, but I its showing web page not secure. I tried to add SSL on that custom domain manually but then I have 2 problems:
1) Every time a user connects a domain I’ve to add a SSL manually.
2) It replaces the default website i.e. mywebapp.com 000-default-ssl.conf file in /etc/apache2/ to the users custom domain.

So, how do I lets encrypt add custom domain by verifying the cname automatically?

Appreciate your help!

Add a comment
By:
Cybil

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
PHP Error Log: authz_core:error - For files that don't exists on my server Question Question
How to make web service unavailable. As I develop this application, I'd rather not be burning up CPU or access time when not logged in. Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
bobbyiliev February 23, 2020

Hello,

If I understand this correctly, it sounds like that you need some kind of automation to create a new Nginx server block for each website, and then install the Let’s Encrypt SSL certificate for the new domain.

That way if you have a separate Nginx server block for each site, it would not override the content of your 000-default-ssl.conf config file.

Another option would be to ask your customers to use Cloudflare, that way you would not have to install Let’s Encrypt on your Droplet directly, but they would be able to use Cloudflare’s SSL certificates instead.

Hope that this helps!
Regards,
Bobby

Reply Report

Related

Looking for something else?

Ask a new question Search for more help