I know there’s been quite a few posts on this in the forum and I’ve been reading through them trying to get what info I can but I still have a few questions.
Basically my SAAS currently runs on GAE (google app engine) which will automatically issue certs for me (for domains I have access to).
I want to allow users to point custom domains to the app. For this I plan to get them to create a txt record so I can verify the domain, and then get them to use a cname record to point to my app.
I want to be able to issue certs on their behalf and so will use LetsEncrypt. I would use a HTTP based challenge after they’ve set-up the cname, except, as the app is on app engine, I can’t create the well-known file seeing as this is based on appengine standard - unless we can create a custom file (though then I wouldn’t know how to get the correct challenge out of the cli which would potentially live on a different server)?
As mentioned above, the certs may have to be issued from a different server to make this work based on how GAE works and then I use the GCloud apis to upload the certs to app engine.
Does anyone have any experience on this, or ideas on how I should approach this?