Question
How to add an SSL Certificate to a non toplevel domain managed by digitalocean nameservers ?
- Posted on March 19, 2020
- DigitalOcean Managed Load Balancers
Asked by stijink
Hi,
My scenario is as followed. I do own a toplevel domain (example.com will do as an example). This is currently managed by Amazon Route 53.
On Route53 i configured a subdomain (app.example.com) to be managed by digitalocean nameservers.
This subdomain is then routed by a digitalocean loadbalancer to two droplets. This is working fine.
Now i would love to add a SSL certificate to this setup. Ideally managed automatically by digitalocean/let’s encrypt.
But i cannot configure this subdomain to use with the SSL certificate. The frontend insists to have a toplevel domain.
Is there a way to make my setup working ? Moving the whole TLD to digitalocean is not possible at the moment.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Hi,
thank you for your replies. Our current infrastructure is quite large, so we cannot just move the whole DNS management over at once. My approach with this was to migrate one part after another to digitalocean.
Maybe i have to setup a dedicated loadbalancer (on a droplet) then until things change.
Hi,
I would recommend just moving your DNS management over to DigitalOcean, it is a free service that they offer, compared to Amazon Route 53 which could be super costly.
I’ve had situations where Amazon Route 53 was the most expensive thing on my AWS bill.
Hey @stijink,
I think that this might not be doable as of the time being. I would recommend checking the answer here:
https://www.digitalocean.com/community/questions/do-loadbalancer-won-t-add-lets-encrypt-cert-for-subdomain-that-do-is-managing?answer=49882
The best thing to do to get your voice heard regarding this would be to head over to our Product Ideas board and post a new idea, including as much information as possible for what you’d like to see implemented.
Hope that helps! - Bobby.