I want to be able to allow customers who use my web application to use their custom domains.
internet -> custom domain -> load balancer -> web application
In this typical design, the SSL will be terminated at the load balancer level. Let’s say I am using nginx to proxy requests to my web application.
How can I automatically create/update my certs at this layer, and being able to scale to potentially thousands of domains that are managed in a pain free way.
The language of choice for me is Go, but my web applications are not necessarily written in Go so I can’t use autocert at the web application level.