Is it possible to generate SSL dynamically for wildcard TLDs (not subdomains) with DO load balancers?

We run an app that allows customers to assign a custom TLD to their account. With our current Caddy-based load balancer, SSL provisioning is automatic upon the first visit from a new custom domain.

I’d like to add another load balancer with health checks to improve availability, but then the setup starts to get a little more complicated. I’m interested in the peace of mind DO’s managed load balancers offer and was hoping we don’t have to go down the path of implementing a Caddy-based load-balancer cluster from scratch.

I haven’t seen a way to get dynamic SSL provisioning with the DO solution, however, and am curious if anyone has discovered a suitable workaround.

At the end of the day, I want a customer to be able to point A records for their domain to our IP and then SSL provisioning happens automatically as soon as the first traffic comes in across that custom domain.

Any thoughts are much appreciated!

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hello. Thanks for the suggestion, but right now we don’t have anything like that planned. I will take your idea for consideration, but at this time I can’t say if/when it will be done.