I have a load balancer that terminates SSL connections and routes to multiple front end servers.

I need my LB to terminate SSL with a wildcard domain name, at multiple levels, for instance:

https://app.example.com
https://foo.app.example.com
https://bar.app.example.com
...

I have acquired a wildcard certificate for *.app.example.com and installed it on the load balancer.

But I’m not getting any love from the LB. http://app.example.com is not validated by the cert.

It occurred to me that I might be confused about certs. Can *.app.example.com validate for app.example.com as well as foo.app.example.com?

If not, I have a problem, as the LB only lets me select one certificate, so I can’t solve this by adding an additional cert for the higher-level domain.

Is there a way to make this work with the DO LB? Or do I need to suck it up and set up an NGINX server?
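
The matching question above, as an added example that is not part of the original post: a small hostname matcher following the wildcard rules of RFC 6125, run against constructed SAN lists. The function names and both SAN lists are assumptions made for illustration; the second list shows a single certificate that names the base domain alongside the wildcard.

```python
# Added example: match a hostname against certificate SAN dNSName entries
# using the RFC 6125 wildcard rules. All SAN lists are constructed samples.

def _labels(name):
    # DNS names compare case-insensitively; drop a trailing root dot.
    return name.rstrip(".").lower().split(".")

def san_matches(pattern, hostname):
    """Return True if one SAN dNSName entry covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h):
        # A wildcard stands for exactly one label, so label counts must agree.
        # This is why *.app.example.com cannot cover app.example.com.
        return False
    if p[0] == "*":
        # Wildcard accepted only as the whole left-most label. Requiring two
        # more labels after it (no "*.com") is a conservative choice made here.
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    # No wildcard (partial ones like "f*" are treated as literals): exact match.
    return p == h

def cert_covers(san_list, hostname):
    """Return True if any SAN entry of the certificate covers hostname."""
    return any(san_matches(s, hostname) for s in san_list)

# Constructed SAN lists: wildcard only, and wildcard plus the base name.
WILDCARD_ONLY = ["*.app.example.com"]
WILDCARD_PLUS_BASE = ["app.example.com", "*.app.example.com"]

def report(san_list, hosts):
    """Map each hostname to whether the certificate covers it."""
    return {h: cert_covers(san_list, h) for h in hosts}

if __name__ == "__main__":
    hosts = ["app.example.com", "foo.app.example.com",
             "bar.app.example.com", "a.foo.app.example.com"]
    for name, sans in (("wildcard only", WILDCARD_ONLY),
                       ("wildcard + base", WILDCARD_PLUS_BASE)):
        print(name)
        for host, ok in report(sans, hosts).items():
            print(f"  {host:24} {'covered' if ok else 'NOT covered'}")
```
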
