Mobile app version of vmapp.org
Login or Join
Jessie594

: What Kind of SSL Certificate Would Work? I am in the process of setting up a white label web store platform which will be accessed through customer owned domain names, but I need to have

@Jessie594

Posted in: #Https #SecurityCertificate

I am in the process of setting up a white label web store platform which will be accessed through customer owned domain names, but I need to have the entire site protected by SSL for all customers. I realise I could probably add an SSL certificate for each individual customers registered domain name but given the fact that all of my customers will be hosted with the same software on the same servers and the only thing that changes is the domain name I am wondering if there is a better option.

All connections will be terminated on an AWS Elastic Load Balancer.

Examples of addresses could be... customer-domain.com www.customer-domain-2.com
...
websales.customer-domain.com
...
customer-name.websales.mydomain.com

I am expecting to terminate upwards of 1000+ domain names to this software stack. Each domain name will be detected by the website and the webstore will be displayed based on the domain name in question.

Would a wild-card certificate work here or what would be best. It is fine if the SSL certificate is registered to my company as long as it can validate on any domain name that connects to my website and it doesn't throw an SSL error or cause browser trust issues where the certificate is deemed suspicious and the user is blocked from accessing the site.

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Jessie594

2 Comments

Sorted by latest first Latest Oldest Best

 

@Jennifer507

I really appreciate with @Steve .

As you explained, your requirement is securing your ecommerce platform where users or customers can set up secure web store with their own custom domains or sub-domains or second level sub-domains.

In that case, wildcard SSL can’t eligible to fulfill your business needs, because it can secure only sub-domains which are hosted under a root domain.

For example:-

Certificate issued for *.primaryrootdomain.com, it will secure…


shop.primaryrootdomain.com
blog.primaryrootdomain.com
anything.primaryrootdomain.com


You can purchase an individual certificate for each domain, but it is difficult to purchase, install and manage multiple certificates. You have to put some extra efforts to manage the certificate validity, expiry date, renewal time, and configuration.

Solution: - Multi Domain SSL (UC SSL Certificate)

Multi Domains SSL is an ideal solution for you; it can secure multiple domains, sub-domains and second level sub domains too. Comodo is most trusted and widely use SSL certificate authority. - w3techs.com/technologies/cross/ssl_certificate/ranking

10% popularity Vote Up Vote Down


 

@Pierce454

A wild card certificate won't work in the way you have described. To implement a single certificate you would need to have each customer as a subdomain of the primary domain. "...a wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain..." en.wikipedia.org/wiki/Wildcard_certificate
There is a Unified Communications Certificate that might do the job, however each time you add a new domain the certificate would have to be renewed, plus if you are hoping that a single certificate means a single reasonably priced payment, this wouldn't work either. www.digicert.com/unified-communications-ssl-tls.htm
Alternatively they would each have to have their own certificate. Perhaps your model can include a payment to "join" that includes the certificate.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme