Question

How to add an SSL Certificate to a non toplevel domain managed by digitalocean nameservers ?

Posted March 19, 2020 113 views
DigitalOcean Managed Load Balancers

Hi,

My scenario is as followed. I do own a toplevel domain (example.com will do as an example). This is currently managed by Amazon Route 53.

On Route53 i configured a subdomain (app.example.com) to be managed by digitalocean nameservers.

This subdomain is then routed by a digitalocean loadbalancer to two droplets. This is working fine.

Now i would love to add a SSL certificate to this setup. Ideally managed automatically by digitalocean/let’s encrypt.

But i cannot configure this subdomain to use with the SSL certificate. The frontend insists to have a toplevel domain.

Is there a way to make my setup working ? Moving the whole TLD to digitalocean is not possible at the moment.

Add a comment
stijink
By:
stijink
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
bobbyiliev March 19, 2020

Hey @stijink,

I think that this might not be doable as of the time being. I would recommend checking the answer here:

https://www.digitalocean.com/community/questions/do-loadbalancer-won-t-add-lets-encrypt-cert-for-subdomain-that-do-is-managing?answer=49882

The best thing to do to get your voice heard regarding this would be to head over to our Product Ideas board and post a new idea, including as much information as possible for what you’d like to see implemented.

https://ideas.digitalocean.com/

Hope that helps!
- Bobby.

Reply Report
ServerEnthusiast March 19, 2020

Hi,

I would recommend just moving your DNS management over to DigitalOcean, it is a free service that they offer, compared to Amazon Route 53 which could be super costly.

I’ve had situations where Amazon Route 53 was the most expensive thing on my AWS bill.

Reply Report
stijink March 19, 2020

Hi,

thank you for your replies. Our current infrastructure is quite large, so we cannot just move the whole DNS management over at once. My approach with this was to migrate one part after another to digitalocean.

Maybe i have to setup a dedicated loadbalancer (on a droplet) then until things change.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help