Question

How to add an Lets encrypt certificate dynamically using CNAME verification?

Posted February 22, 2020 233 views
MySQLApachePHPSecurityUbuntu 18.04

I have been working on a web app where users can create custom profiles of them and see it on their custom domain by adding an A record and CNAME record. If they have their profile on https://webapp.com/profile they can connect it with https://usercustomdomain.com/.

I’ve figured how to display the profile to the custom domain, but I its showing web page not secure. I tried to add SSL on that custom domain manually but then I have 2 problems:
1) Every time a user connects a domain I’ve to add a SSL manually.
2) It replaces the default website i.e. mywebapp.com 000-default-ssl.conf file in /etc/apache2/ to the users custom domain.

So, how do I lets encrypt add custom domain by verifying the cname automatically?

Appreciate your help!

Add a comment
Dd5f069ca6ec555ede696cfc3e13b5e89a661bd0
By:
Cybil
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
bobbyiliev February 23, 2020

Hello,

If I understand this correctly, it sounds like that you need some kind of automation to create a new Nginx server block for each website, and then install the Let’s Encrypt SSL certificate for the new domain.

That way if you have a separate Nginx server block for each site, it would not override the content of your 000-default-ssl.conf config file.

Another option would be to ask your customers to use Cloudflare, that way you would not have to install Let’s Encrypt on your Droplet directly, but they would be able to use Cloudflare’s SSL certificates instead.

Hope that this helps!
Regards,
Bobby

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help