Working on a client project and trying to figure this one out and got me stumped :/ The client is looking to offer it'd clients custom CNAME configurations for its app So rather than api.ourdomain.com/script We want to be able to allow the end customer to be able to configure a CNAME entry on their DNS Servers so rather than api.ourdomain.com it's api.customerdomain.com Now already have the server and script site setup to figure out the client name by looking at the host name BUT now the question becomes, how do we handle the SSL carts? Don't really want to have to generate a new cert for every CNAME entry but don't know a way to allow the SSL carts to recognize any domain name. Any thoughts on how to make this work? To make it clearer, the service provider will offer api.ourdomain.com but allow customers to do api.customerdomain.com through CNAME's but how best to handle the SSL carts? This is definitely not a scripting question as that part is easy or a DNS issue on our side but rather maybe a server setup? Have looked and wild card certs are available but not at the domain level but clearly service providers offer custom CNAME setups but how do they handle the SSL certs for that setup?
Whether you are using a CNAME or an A record doesn't matter, you still need a valid SSL certificate for the host name the client is trying to connect to. For your setup you will need to put all customer domains/subdomains in one large multi domain SSL certificate.