8

Is there a solution within AWS for implementing a wildcard subdomain (with Route 53), where any subdomain such as ex1.example.com, ex2.example.com or whatever.example.com can all point to the same server? This server would then have a wildcard SSL cert to allow for the subdomains.

Is this possible?

Larry
  • Hi Larry, if the response below answered your question please upvote and accept it. That's the ServerFault way to say thank you for the time and effort someone took to help you. Thanks! – MLu Nov 03 '18 at 03:35

3 Answers

6

Route53 does support wildcards (from the Route53 FAQ):

Q. Does Amazon Route 53 support wildcard entries? If so, what record types support them?

Yes. To make it even easier for you to configure DNS settings for your domain, Amazon Route 53 supports wildcard entries for all record types, except NS records. A wildcard entry is a record in a DNS zone that will match requests for any domain name based on the configuration you set. For example, a wildcard DNS record such as *.example.com will match queries for www.example.com and subdomain.example.com.

You will need to obtain a wildcard SSL certificate separately and host it on any servers accepting these requests.

guzzijason
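
As an added example (not part of the original answer or of the AWS documentation), the sketch below compares which names a `*.example.com` DNS record answers under the RFC 4592 wildcard rules with which names a `*.example.com` certificate covers under RFC 6125. The function names and sample hostnames are constructed for illustration, and the example goes slightly beyond the answer by covering multi-label names and the bare apex.

```python
# Added example with constructed names: DNS wildcard matching (RFC 4592,
# simplified) versus TLS wildcard certificate matching (RFC 6125).

def labels(name):
    return name.lower().rstrip(".").split(".")

def dns_match(qname, zone_names):
    """Return the owner name of the record set that answers qname, else None."""
    zone = {".".join(labels(n)) for n in zone_names}
    # A name "exists" if it owns records or is an ancestor of a name that does.
    existing = set()
    for n in zone:
        parts = n.split(".")
        existing.update(".".join(parts[i:]) for i in range(len(parts)))
    q = labels(qname)
    name = ".".join(q)
    if name in existing:
        return name if name in zone else None  # exact name beats the wildcard
    # Closest encloser: nearest ancestor that exists; only its "*" child applies.
    for i in range(1, len(q)):
        encloser = ".".join(q[i:])
        if encloser in existing:
            wildcard = "*." + encloser
            return wildcard if wildcard in zone else None
    return None

def cert_covers(hostname, san):
    """A certificate's "*" stands for exactly one left-most label."""
    h, s = labels(hostname), labels(san)
    if len(h) != len(s):
        return False
    return h[1:] == s[1:] and (s[0] == "*" or h[0] == s[0])

def tls_gaps(hostnames, zone_names, sans):
    """Hostnames that DNS answers but that no certificate name covers."""
    return [h for h in hostnames
            if dns_match(h, zone_names)
            and not any(cert_covers(h, s) for s in sans)]

ZONE = ["*.example.com"]   # constructed: the wildcard record from the answer
SANS = ["*.example.com"]   # constructed: names on the wildcard certificate
HOSTS = ["ex1.example.com", "whatever.example.com",
         "a.b.example.com", "example.com"]

if __name__ == "__main__":
    for h in HOSTS:
        print(h, "dns:", dns_match(h, ZONE),
              "cert:", any(cert_covers(h, s) for s in SANS))
    print("resolves without a matching certificate:", tls_gaps(HOSTS, ZONE, SANS))
```

Covering the apex takes an `example.com` entry in both the zone and the certificate; deeper names need their own certificate name such as `*.b.example.com`.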
6

Sure AWS can do that.

  1. Set a wildcard CNAME record *.example.com in Route53 that points to your AWS ELB (Elastic Load Balancer), AWS ALB (Application Load Balancer) or directly to your HTTP Server.

    If you are using ELB/ALB do not create the wildcard as A-records for the IP addresses as they may change over time. Either create CNAME or ALIAS!

  2. If you're using ELB/ALB check out AWS ACM (Amazon Certificate Manager) - it can create and manage free SSL certificates that you can use with ELB/ALB.

  3. If you're not using ELB/ALB you will either have to buy a commercial wildcard cert or use a Let's Encrypt wildcard certificate; however, that's a bit of a pain to renew as the challenge handshake must be done through DNS / Route53.

If your website is at least a little important I suggest you look at ALB + ACM instead of terminating the traffic directly on the web server.

Hope that helps :)

MLu
1

Not with route 53 but with a Load Balancer. Check out ACM. You will have to create your wildcard certificate. It is free but you won't have access to it.

If you need a secure connection between the Load Balancer and your server, you will have to install your own on this server.

Kaymaz
  • It's entirely possible to have a wildcard subdomain on AWS without needing ACM and a load balancer. – ceejayoz Oct 09 '18 at 13:07
  • I never said that it was not possible. – Kaymaz Oct 09 '18 at 13:16
  • "Not with route 53 but with a Load Balancer" implies one is necessary, hence my clarifying comment. An ELB and ACM are one way, but not the only one. – ceejayoz Oct 09 '18 at 13:34
  • @Kaymaz - do you have an example dns entry you can provide with R53 to redirect *.example.com to the apex domain of example.com? – Metro Smurf Sep 15 '21 at 18:38