nelwa

Member
Jul 21, 2008
8
1
53
South Africa
Hi, I've got a web app that I want to white label. In order to provide a white label solution, I will require a SAN (Subject Alternate Name) SSL certifcate, of which the list of SAN's can be updated programmatically & dynamically.

Example:
1. My app domain is app.domain.com
2. User wants his account to work from app.user.com, so he creates a CNAME or A record that points app.user.com to app.domain.com.
3. My server now needs to provide a SSL certificate for app.user.com, but my server is not owner of that domain, so the only way to achieve this is with a SAN certificate, or some sort of DNS validation for let's encrypt.

I've looked around on the web, and certbot seem to support such functionality. I don't want to install certbot on my live server and possibly cause downtime.

Can anybody provide me with some insights into how to achieve this?

Your help is greatly appreciated!