I'm investigating a feature to allow users to point their own domain names at our service to provide a more complete white-lable offering. So, I end up with multiple domains hitting the same IP开发者_运维技巧.
How do I provide SSL security for this? Do I need a cert per domain? UC certs? How would you deploy and manage this in a rails app?
We do this with one of our apps (which provides ecommerce). Most customers just have a sub-domain specific account. For those, we have a wildcard certificate.
Some customers have, like you mentioned, custom domains. For those, we require that they purchase the certificate (we recommend GoDaddy because they are cheapest) for their domain. We then provision a new IP address and configure nginx accordingly.
You also have to make sure they are pointing their domain via an A RECORD and not a CNAME (otherwise, it won't hit the right IP).
We host are app on EngineYard so they help out quite a bit.
But, yes, if you're planning on having hundreds or thousands of users with custom domains, that could become a hassle. You may want to look into some type of hybrid setup where non-SSL pages are served via the custom domain but use a generic application domain (with subdomain) for SSL stuff. Like:
http://customdomain.com and http://customdomain.com/contact
and then
https://client.generic.com/purchase
You need an IP per certificate.
I don't think this will be easy, even sites like Shopify have to have the site's SSL pages on a part of the shopify domain to offer SSL, so unless you want to set up an IP address and certificate per domain, I don't think you can do this.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论