Frequently there is a need to cover more than one domain on your Acquia Cloud site(s) under SSL so that they're reachable via https://... URLs. This article details some limitations and tips on how to achieve that.
Acquia Cloud Customers
Since Acquia Cloud applications are limited to one SSL certificate per environment (dev/stage/prod), if you need multiple domains covered under SSL, you will need to upload a single SSL certificate to the environment. (See https://docs.acquia.com/acquia-cloud/manage/ssl/cert/#cloud-install-ssl-cert).
- One option is a Wildcard Certificate which covers any domain that matches a root domain.
- For example, a Wildcard cert for *.domain.com would secure example1.domain.com, example2.domain.com, etc.
- For more info see http://www.networksolutions.com/SSL-certificates/wildcard-certificate.jsp
- Another option is a Unified Communications Certificate (UCC), which covers multiple domains.
- A UC Certificate is also known as "Multi-Domain Certificate" or "SAN Certificate".
Please consult your SSL vendor to determine what options are available to you.
Note that you can use the same certificate for different applications/environments. This means that if you already own a single certificate that protects all your domains (including non-production), you can upload that certificate to each environment on each application via the Acquia Cloud UI.
Workarounds
If you want to avoid getting a Wildcard or UCC Certificate, there are some workarounds you can try:
- For testing purposes, since Acquia Cloud lets you have a different certificate per environment, you could opt to test an existing certificate there (and then replace the original afterwards).
- It may be necessary to talk to your DNS provider to point DNS to a different IP.
- If you were to route traffic through a CDN (such as Acquia Cloud Edge) then that CDN offering may let you have individual/different SSL certificate per each domain.
- You could also use an additional application within your Acquia subscription, which can have a different SSL certificate than your original application.
Acquia Cloud Site Factory Customers
Most of the details that apply to Acquia Cloud also apply to Site Factory, however:
- You can NOT have different SSL certificates per-environment, it must be a single certificate that will be deployed directly to your load balancers.
- This single certificate MUST cover all of your domains across all your environments, including non-production and production domains.
- Same as with Acquia Cloud, you can opt to use either a Wildcard or UCC certificate. Contact your SSL vendor for more information.
In Site Factory, you still have the option of working around this limitation if you routed traffic through a CDN which let you you have individual/different SSL certificate per each domain.