Is it possible to generate SSL dynamically for wildcard TLDs (not subdomains) with DO load balancers?

Posted January 29, 2020 1.5k views
DigitalOcean Managed Load Balancers

We run an app that allows customers to assign a custom TLD to their account. With our current Caddy-based load balancer, SSL provisioning is automatic upon the first visit from a new custom domain.

I’d like to add another load balancer with health checks to improve availability, but then the setup starts to get a little more complicated. I’m interested in the peace of mind DO’s managed load balancers offer and was hoping we don’t have to go down the path of implementing a Caddy-based load-balancer cluster from scratch.

I haven’t seen a way to get dynamic SSL provisioning with the DO solution, however, and am curious if anyone has discovered a suitable workaround.

At the end of the day, I want a customer to be able to point A records for their domain to our IP and then SSL provisioning happens automatically as soon as the first traffic comes in across that custom domain.

Any thoughts are much appreciated!

1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hello. Thanks for the suggestion, but right now we don’t have anything like that planned. I will take your idea for consideration, but at this time I can’t say if/when it will be done.