Secure a url that has a cname record

ssl dns cname
bones picture bones · May 2, 2012 · Viewed 32.7k times · Source

I have a site that has subdomains for each user and a wildcard SSL Cert

https://user1.mysite.com

https://user2.mysite.com

The question is can someone set a cname record such as user1.theirsite.com -> user1.mysite.com and have it still use https?

Will it work if they install a SSL Cert on their server to secure the connection?

Thanks

Answer

Alnitak picture Alnitak · May 4, 2012

The best way for this to work is if they arrange with you to have your SSL certificate include their "alias" as a Subject Alternate Name extension in your X.509 certificate.

This is the approach used by some CDNs when they host https sites for clients - they put all of the known site names that are hosted on one server in one large SSL certificate, and then the clients use CNAMEs to point their domain at the right CDN server.

Related questions

CNAME SSL certificates

If I go to www.example.com which has an image on the page that links to assets.example.com which is a CNAME for assets.example2.com. Will I get the green lock even if assets.example2.com does …

Read More
Creating self signed certificate for domain and subdomains - NET::ERR_CERT_COMMON_NAME_INVALID

I followed this tutorial for creating Signed SSL certificates on Windows for development purposes, and it worked great for one of my domains(I'm using hosts file to simulate dns). Then I figured that I have a lot of subdomains, …

Read More
Assigning a domain name to localhost for development environment

I am building a website and would not like to reconfigure the website from pointing to http://127.0.0.1 to http://www.example.com. Furthermore, the certificate that I am using is of course made with the proper domain name of www.…

Read More