We have a multi-tenant application (dotnet core + Angular). The main website URL is https://example.com, and the customers' URLs are (http://cust1.example.com, http://cust2.example.com, ...).
If a customer needs to use his own domain, he just needs to redirect his domain to our server. For example, Customer 1 has his own domain, customer1.com, so he will go to the domain settings and edit the DNS settings to refer to our server IP:
    record @ = X.X.X.X (our server IP)
    record CNAME www = cust1.example.com
Then he can open his app using his domain (http://customer1.com) instead of using (http://cust1.example.com).
Now, we go to the next step and use HTTPS. I have created a wildcard certificate with LetsEncrypt using certbot:
    sudo certbot --server https://acme-v02.api.letsencrypt.org/directory -d "*.example.com" --manual --preferred-challenges dns-01 certonly
Now the application works over HTTPS if you visit it at (https://cust1.example.com), and it is working fine.
But the problem is how to serve HTTPS with different domain names. Let's say that I want to visit https://customer1.com: it obviously can't be served, because there is no certificate on the server for this domain name.
We need an automatic way to create certificates for the new domains without creating a new block in the nginx config file, because there may be 100000 customers, so it's impossible to do it manually.
Here is my Nginx config file now:
    # Redirect all plain-HTTP requests to HTTPS
    server {
        listen 80 default_server;
        return 301 https://$host$request_uri;
    }

    # HTTPS for example.com and its subdomains, using the Let's Encrypt certificate
    server {
        listen 443 ssl default_server;
        server_name example.com *.example.com;
        access_log /var/log/nginx/example.com.access.log;
        error_log /var/log/nginx/example.com.error.log;
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

        location / {
            # Proxy to the backend at localhost:5000, passing the original host and scheme
            proxy_pass http://localhost:5000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection keep-alive;
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
I tried to use Lua with nginx, but I didn't find a way to do that.
Can anyone suggest a solution for this issue?
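Any automatic issuance for customer domains needs a check on which hostnames may get a certificate, otherwise every name pointed at the server can trigger a request. The following is an added example, not part of the original post or of any answer: it allows issuance only for a registered tenant domain whose DNS matches the two records described in the question. SERVER_IP, the tenant registry and the `resolve` callback are assumptions made for illustration.

```python
import ipaddress
import re

SERVER_IP = "203.0.113.10"      # assumption: constructed stand-in for X.X.X.X
PLATFORM_ZONE = "example.com"   # platform hostnames already have a certificate
TENANT_DOMAINS = {"customer1.com": "cust1.example.com"}  # assumption: constructed registry
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(host):
    """Lower-case and strip the trailing dot; None for IPs or malformed names."""
    host = host.strip().lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return None
    except ValueError:
        pass
    labels = host.split(".")
    if len(host) > 253 or len(labels) < 2 or not all(_LABEL.match(l) for l in labels):
        return None
    return host

def may_issue(host, resolve):
    """Return (allowed, tenant_or_reason); resolve(name, rtype) is a hypothetical DNS lookup."""
    name = normalize(host)
    if name is None:
        return (False, "invalid hostname")
    if name == PLATFORM_ZONE or name.endswith("." + PLATFORM_ZONE):
        return (False, "platform hostname, not a custom domain")
    is_www = name.startswith("www.")
    tenant = TENANT_DOMAINS.get(name[4:] if is_www else name)
    if tenant is None:
        return (False, "domain not registered to any tenant")
    if is_www:   # the www record must be a CNAME to the tenant's subdomain
        ok = tenant in [t.rstrip(".").lower() for t in resolve(name, "CNAME")]
    else:        # the apex (@) record must be an A record for our server
        ok = SERVER_IP in resolve(name, "A")
    return (True, tenant) if ok else (False, "DNS does not point at this server")

# Constructed DNS answers so the example runs offline.
FAKE_DNS = {("customer1.com", "A"): ["203.0.113.10"],
            ("www.customer1.com", "CNAME"): ["cust1.example.com."],
            ("unregistered.test", "A"): ["203.0.113.10"]}

def fake_resolve(name, rtype):
    return FAKE_DNS.get((name, rtype), [])

if __name__ == "__main__":
    for h in ("customer1.com", "www.customer1.com", "unregistered.test"):
        print(h, may_issue(h, fake_resolve))
```

The same decision would run before any ACME order is placed, with `resolve` backed by a real resolver.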
Best Answer
I hope you can find a solution with the vhost file mentioned below.