SSL for Custom domains connected to my server via A record


#1

Hello,

I have a website builder on my digitalocean server. the builder allows to create and publish sites on subdomains and connect users own domain via A record.

I installed a Comodo Wildcard SSL to cover all subdomains, however, I wonder how I can provide Free Let’s Encrypt Standard SSL certificate for my clients’ custom domains.

I contacted DigitalOcean they told me it’s possible and it’s not a big deal for a person who did that before. They also told me that there might be a ready scripts for those kind of task.

Can you please me to find out the best way to provide free SSL for my clients domains.
If you have any ideas, offers or suggestions I am open to disscuss.

Thanks in advance


#2

Hi,

You’ve reached the right place…

Now, a simple question: How many client do you think need certificate? (If the number is relatively small, you can obtain certificate manually from command line, take a look at this page…

If it’s too much work to request certificate for each domain, consider using an PHP or something script to automate it… Unfortunately I don’t know any of the scripts that can do this…)

In short, if you use command line method to obtain certificate, you could follow the tutorial posted on Digital ocean. (The one below is just an example, google keyword : Digital Ocean Let's Encrypts will get more… it’s mostly the same anyways…)

Thank you


#3

Hi Steven,

Thank you for your answer.
I am not a developer and I do not work with command line :frowning:

I am interested in the automatic process so I need to find someone who can help me to write that script.

Thanks


#4

Is there anyone who can help? :frowning:


#5

Hi @termoplus,

If you’re not used to writing scripts and other software then I think it might be tough for you to automate this process. We don’t have an existing host-oriented tool and most of the hosting providers who’ve posted here have planned to write some of their own software in order to integrate with their customer flows.

One thing you might want to look at is that control panel environments like Plesk and cPanel now include Let’s Encrypt support, so if you were using control panels of this sort for your customers, they could get Let’s Encrypt support that way.

There are dozens of tools that can get free Let’s Encrypt certificates, but they are mostly aimed at system administrators who are used to configuring each domain individually, or else writing their own scripts for automation purposes. I would suggest asking whoever created the “website builder” tool that you use whether it would be possible to add some kind of Let’s Encrypt support. If not, you might want to think about options like

  • changing your software environment to a different environment that supports Let’s Encrypt more automatically
  • getting and setting up the certificates more manually, using tools like Certbot or acme.sh
  • hiring a developer to set up some scripting or automation for you

I’m sorry that we don’t have a obvious choice for an automatic set of tools for your situation.

One other thing that comes to mind is that the Caddy web server obtains certificates automatically for each domain. I’m not sure whether it would be a reasonable alternative to whichever web server you’re currently using.


#6

Thank you for your answer.

The developers advised not to use any kind of panels because it will conflict with the builder.
I talked to digitalocean support they told me to hire someone who did that before it won’t be hard to do, so if someone can help I’d to discuss some options.

Thanks


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.