Amazon Certificate Manager - Multiple domains service

Question

We run an online service, where our customers can have it running on either their own domain (customerX.com) or as a subdomain on our domain (customerX.ourdomain.com).

We are interested in adding SSL support to all customers and was thinking of using ACM (Amazon Certificate Manager).
However, I'm a bit insecure about the setup.
Can it be done by requesting certificates for each of the domains, eg:

*.ourdomain.com
customer1.com  
customer2.com  
customer3.com

If so, the only problem is the limit of 20 domains, that should be fairly easy to resolve by requesting a bigger limit - In fact we've already done this today.

Can someone point out to me, if this is the way to do it, and if it is possible with ACM?

Are you using CloudFront or ELB? I suspect there are multiple hidden gotchas with trying to combine too many domains on one cert... more than 20 seems excessive (the default limit is documented as 10). But, let us know what the max limit is that support will allow if you can find out. — Michael - sqlbot, Apr 25 '16 at 13:22

score 0 · Answer 1 · answered Jun 23 '16 at 19:21

0

If you are using Elastic Beanstalk, you will find this prohibitive due to having to verify every domain each time you make a change (add a domain). This page explains it in more detail: http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html

answered Jun 23 '16 at 19:21

Patrick Stephan

1,809
16
23

Amazon Certificate Manager - Multiple domains service

1 Answers1