saasmanual / ideas

You can share your ideas for SaaS Manual here.
https://saasmanual.com

Custom domains for customers #4

Open nonken opened 3 years ago

nonken commented 3 years ago

From JMD on Discord:

I don't know how much this makes sense in the context of saasmanual specifically, but something I've had a real hard time piecing together is how to implement custom domains with SSL for customers. So something like customersdomain.tld -> customersdomain.saasmanual.tld - there doesn't seem to be much in the way of good reference examples of doing this on AWS with serverless specifically.

nonken commented 3 years ago

@JMD ahh love this! Would love to understand your idea a bit better. Do you have a customer example in mind? Is the idea for example to have custom subdomains for customers? And then the backend needs to figure out what to do based on the subdomain?

Yes exactly. The example that springs to mind is a product called Bidsketch. It lets you write custom proposals for project work and so on. They set you up with a nonken.bidsketch.io subdomain with them, and that's how you access the product. But you can also configure a custom domain, say proposals.nonken.io, and that will point to nonken.bidsketch.io - with the correct SSL certs generated for you on proposals.nonken.io. Another example might be super.so itself, right? It exists because notion.io won't give you custom domains yet. But imagine you wanted saasmanual.com to point directly to saasmanual.notion.io. Hope that helps!

Yes exactly, you have the use case nailed in that example. So like cdkmanual.com or kinesismanual.com all pointing to saasmanual.com - but saasmanual.com is loading the right content for each of those sites, AND provisioning the correct SSL certs for them as well (this is the tricky part as far as I can see). The way I figured it might work is to use certbot in a lambda, say, and it plops out a cert to S3 (maybe?) and then that gets added to a CloudFront distribution maybe?

@JMD and you want to provision the certs on demand? For cdkmanual.com I can do this beforehand because I know it's happening. One more: you mentioned the proposals.nonken.io - to generate a cert for that I need to be able to verify the signing request. So as the owner I will have to do work. Or am I missing something?

@nonken Yeah you're right - so cdkmanual.saasmanual.com would have to accept an HTTP call to the .well-known path for the proxied domain cdkmanual.com I guess. Sorry I might be diving you into the weeds on this! I've written up an idealized use case: https://www.notion.so/kantan/AWS-Lambda-SSL-81dfc8106ade480a9751bf7f0adffe8a
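
The HTTP side of the flow discussed in this thread, as an added example (not code from the thread or from SaaS Manual): a handler that maps the Host header to a tenant and answers the ACME HTTP-01 request on the `.well-known` path only for registered custom domains with a challenge the service itself started. The domain table, token, account key and all function names are constructed assumptions.

```python
import base64
import hashlib
import json

BASE_DOMAIN = "saasmanual.com"
# Constructed sample data: custom domain -> tenant, as registered by customers.
CUSTOM_DOMAINS = {"cdkmanual.com": "cdkmanual", "kinesismanual.com": "kinesismanual"}
TENANTS = set(CUSTOM_DOMAINS.values())
# Constructed placeholder for the ACME account's public JWK; not a real key.
ACCOUNT_JWK = {"kty": "EC", "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}
# (domain, token) pairs for certificate orders this service started (constructed).
PENDING_CHALLENGES = {("cdkmanual.com", "sample-token-123")}
ACME_PREFIX = "/.well-known/acme-challenge/"


def normalize(host):
    """Lower-case the Host header and drop any port and trailing dot."""
    return host.lower().split(":")[0].rstrip(".")


def jwk_thumbprint(jwk):
    """RFC 7638 thumbprint of an EC key: SHA-256 over its canonical JSON."""
    required = {k: jwk[k] for k in ("crv", "kty", "x", "y")}
    canonical = json.dumps(required, sort_keys=True, separators=(",", ":"))
    digest = hashlib.sha256(canonical.encode()).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


def resolve_tenant(host):
    """Map a Host header to a tenant, or None if this name is not served."""
    host = normalize(host)
    if host in CUSTOM_DOMAINS:
        return CUSTOM_DOMAINS[host]
    suffix = "." + BASE_DOMAIN
    label = host[: -len(suffix)] if host.endswith(suffix) else ""
    return label if label in TENANTS else None


def handle(host, path):
    """Return (status, body) for a plain-HTTP request on port 80."""
    tenant = resolve_tenant(host)
    if tenant is None:
        return 404, "unknown host"  # never answer for unregistered names
    if path.startswith(ACME_PREFIX):
        token = path[len(ACME_PREFIX):]
        if (normalize(host), token) not in PENDING_CHALLENGES:
            return 404, "no pending challenge"
        # HTTP-01 body: token + "." + base64url(thumbprint of the account key)
        return 200, token + "." + jwk_thumbprint(ACCOUNT_JWK)
    return 200, "content for tenant " + tenant
```

Refusing unknown hosts and unknown tokens keeps the service from validating certificates for names that were merely pointed at it without being registered by a customer.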