0

I have a site where customers can register and get a subdomain site.

For example, they register some_name.mysite.com. This works fine for DNS and SSL. I am using a wildcard SSL certificate on my server: *.mysite.com

I'd like to add the feature so that my customer can link their own domain to their site (some_name.com -> my server). I already have the DNS part completed.

How would the SSL part of this work? Is there a typical way this is done?

2 Answers

0

I'll assume this is about certificates with SSL and that what you actually already have is a wildcard certificate (used by SSL or TLS). Let's also assume that your service is something like an Apache (or nginx, based on one of the tags attached to your question) web service. Feel free to clarify this. However, as a "New contributor" I cannot ask for clarification via a comment on your question.

My understanding is that your customer (or you on their behalf) will need to get another certificate for some_name.com and add it to your Apache (or whatever your service is) configuration. Your wildcard certificate for *.mysite.com will not work for the some_name.com site (although maybe you can modify that certificate to add other domains).

DericS
  • 173
  • 6
0

You will need a TLS certificate that includes their domain name.

Your options are roughly:

  • You request a TLS certificate for the customer domain:

    • the customer may need to add/update their CAA policy to allow that.
    • add that customer domain to the *.example.com certificate you already have as an “alternate name”. Note that you’re limited to a maximum number of alternative names.
    • similar to above, but rather than adding to the existing certificate, request new/additional certificates (for instance with Let’s Encrypt) for the customer domain names and set up additional customer-specific TLS VirtualHosts for them.
  • have the customer supply you with the private key and signed certificate to add to your configuration. That also means adding a new TLS VirtualHost for each customer.

Either way you will also become responsible for (monitoring) certificate renewals and may have to deal with customers who for example let their domain registration renewals lapse.

Bob
  • 5,805
  • 7
  • 25
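
The two checks the answers above imply before requesting a certificate for a customer domain, as an added example that is not part of either answer: whether the existing wildcard already covers the name, and whether the customer's CAA policy allows your CA to issue. The CAA records and the `.example` names are constructed, and the lookup is simplified (no CNAME following, no `issuewild`, no critical-flag handling).

```python
# Added example: pre-issuance checks for a customer's custom domain.
# CAA records below are constructed sample data, not real DNS answers.

def wildcard_covers(cert_name: str, host: str) -> bool:
    """RFC 6125-style match: '*' stands for exactly one leftmost label."""
    c = cert_name.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(c) != len(h):
        return False          # '*' never spans several labels or other domains
    return c[1:] == h[1:] if c[0] == "*" else c == h

def relevant_caa(domain: str, zone: dict) -> list:
    """RFC 8659: climb from the name towards the root; the first
    non-empty CAA RRset found is the one that applies."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]), [])
        if rrset:
            return rrset
    return []

def caa_permits(domain: str, ca_domain: str, zone: dict) -> bool:
    """True if CAA lets ca_domain issue a non-wildcard cert for domain."""
    issue = [v for tag, v in relevant_caa(domain, zone) if tag.lower() == "issue"]
    if not issue:
        return True           # no CAA, or no "issue" property: not restricted
    # Value is "<ca-domain>[; parameters]"; a bare ";" authorises no CA at all.
    allowed = {v.split(";")[0].strip().lower() for v in issue}
    return ca_domain.lower() in allowed

# Constructed CAA data keyed by owner name: list of (tag, value) pairs.
SAMPLE_CAA = {
    "some-name.example": [("issue", "letsencrypt.org")],
    "locked.example": [("issue", ";")],
    "other-ca.example": [("issue", "ca.example"),
                         ("iodef", "mailto:sec@other-ca.example")],
}

if __name__ == "__main__":
    for host in ("some_name.mysite.com", "some_name.com"):
        print(host, "covered by *.mysite.com:", wildcard_covers("*.mysite.com", host))
    for d in ("www.some-name.example", "locked.example",
              "other-ca.example", "no-caa.example"):
        print(d, "letsencrypt.org may issue:",
              caa_permits(d, "letsencrypt.org", SAMPLE_CAA))
```

In production the CAA RRsets would come from a live DNS lookup at issuance time; the CA performs the same check itself and refuses to issue when the policy excludes it.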