How to add an Lets encrypt certificate dynamically using CNAME verification?

I have been working on a web app where users can create custom profiles of them and see it on their custom domain by adding an A record and CNAME record. If they have their profile on they can connect it with

I’ve figured how to display the profile to the custom domain, but I its showing web page not secure. I tried to add SSL on that custom domain manually but then I have 2 problems:

  1. Every time a user connects a domain I’ve to add a SSL manually.
  2. It replaces the default website i.e. 000-default-ssl.conf file in /etc/apache2/ to the users custom domain.

So, how do I lets encrypt add custom domain by verifying the cname automatically?

Appreciate your help!

Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
February 23, 2020
Accepted Answer


If I understand this correctly, it sounds like that you need some kind of automation to create a new Nginx server block for each website, and then install the Let’s Encrypt SSL certificate for the new domain.

That way if you have a separate Nginx server block for each site, it would not override the content of your 000-default-ssl.conf config file.

Another option would be to ask your customers to use Cloudflare, that way you would not have to install Let’s Encrypt on your Droplet directly, but they would be able to use Cloudflare’s SSL certificates instead.

Hope that this helps! Regards, Bobby