Related

how to enable HTTP/2 after installing SSL via letsencrypt in command line Question Question
Webmin - Lets' encrypt SSL_ERROR_RX_RECORD_TOO_LONG (Firefox) Question Question

Question

Let's Encrypt for sub domains

Posted July 10, 2020 215 views
Let's Encrypt

I have created multiple subdomains(a.example.com, b.example.com etc) and pointed them to different load balancers. How would i be able to provide SSL for all the subdomains and main domain through DigitalOcean’s Let’s Encrypt feature?

Add a comment
demonoid92
By:
demonoid92
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
alexdo July 11, 2020

Hello, @demonoid92

What you can do is to use a SSL termination which decrypts SSL requests at the load balancer and sends them unencrypted to the backend via the Droplets’ private IP addresses.

Another option is the SSL passthrough, which sends encrypted SSL requests directly to the backend, via the Droplets’ private IP addresses. This secures the traffic between the load balancers and the backend servers.

You can also check our docs on the Load Balancers SSL Termination:

https://www.digitalocean.com/docs/networking/load-balancers/how-to/ssl-termination/

Hope that helps!

Regards,
Alex

Reply Report
  • demonoid92 July 13, 2020

    Hi Alexdp, Thanks for the reply.

    I tried the mentioned configuration as shown below.

    1. abc.com –> abc load balancer
    2. 1.abc.com –> 1 load balancer
    3. 2.abc.com –> 2 load balancer

    Now when i try to set Lets encrypt certificate in LB for abc.com, it works. But once when i set a new certificate for 1.abc.com, a new entry A record on domain is created in abc.com which redirects abc.com to 1.abc.com . How do i handle this.

    Reply Report
    • alexdo July 14, 2020

      Hi, @demonoid92

      Could you please elaborate more on this? What is the exact DNS A record that is created which redirects abc.com to 1.abc.com

      Also I assume that you’re using separate SSL Certificates for each subdomain and not a Wildcard that covers all the needed subdomains?

      Regards,
      Alex

      Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help