Wildcard SSL certificate with load balancer
I have a load balancer that terminates SSL connections and routes to multiple front end servers.
I need my LB to terminate SSL with a wildcard domain name, at multiple levels, for instance:
https://app.example.com, https://foo.app.example.com, https://bar.app.example.com, ...
I have acquired a wildcard certificate for *.app.example.com and installed it on the load balancer.
But I’m not getting any love from the LB. http://app.example.com is not validated by the cert.
It occurred to me that I might be confused about certs. Can *.app.example.com validate for app.example.com as well as foo.app.example.com?
If not, I have a problem, as the LB only lets me select one certificate, so I can’t solve this by adding an additional cert for the higher-level domain.
Is there a way to make this work with the DO LB? Or do I need to suck it up and set up an NGINX server?
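
The matching rule in question, as an added example that is not part of the original post: under standard TLS hostname verification (RFC 6125), a wildcard stands in for exactly one leftmost label, so `*.app.example.com` covers `foo.app.example.com` but not `app.example.com` itself. A single certificate can still cover both when its subject alternative names list both entries; the function names and SAN lists below are constructed for illustration.

```python
# Added example: simplified RFC 6125-style matching of a hostname against a
# certificate's dNSName SAN entries. Names and SAN lists are constructed.

def _labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")

def san_matches(pattern, hostname):
    """True if one SAN entry covers hostname.

    Only a wildcard that is the entire leftmost label is honoured; partial
    wildcards such as 'f*.example.com' are compared as literals and so never
    match, which is the conservative choice.
    """
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h):
        # '*' replaces exactly one label: never zero, never several.
        return False
    if p[0] == "*":
        return all(h) and p[1:] == h[1:]
    return p == h

def cert_covers(san_list, hostname):
    """True if any SAN entry in the certificate covers hostname."""
    return any(san_matches(s, hostname) for s in san_list)

def uncovered(san_list, hostnames):
    """Hostnames a client would reject for this certificate."""
    return [h for h in hostnames if not cert_covers(san_list, h)]

# Hostnames the load balancer must serve (from the question above).
HOSTS = ["app.example.com", "foo.app.example.com", "bar.app.example.com"]

# Certificate as described: one wildcard name only.
WILDCARD_ONLY = ["*.app.example.com"]

# One certificate carrying both the base name and the wildcard as SANs.
BASE_PLUS_WILDCARD = ["app.example.com", "*.app.example.com"]

if __name__ == "__main__":
    for label, sans in (("wildcard only", WILDCARD_ONLY),
                        ("base + wildcard", BASE_PLUS_WILDCARD)):
        print(label, "-> uncovered:", uncovered(sans, HOSTS))
```

Because both names sit in one certificate, this works with a load balancer that accepts only a single certificate, provided the issuing CA includes the base name as a SAN.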