Frequently there is a need to cover more than one domain on your Acquia Cloud site(s) under SSL so that they're reachable via https://... URLs. This article details some limitations and tips on how to achieve that.
Acquia Cloud Professional Customers
Since Acquia Cloud Professional applications are limited to one SSL certificate per environment (dev/stage/prod), if you need multiple domains covered under SSL, you will need to upload a single SSL certificate to the environment. (See https://docs.acquia.com/acquia-cloud/manage/ssl/cert/#cloud-install-ssl-cert).
- One option is a Wildcard Certificate which covers any domain that matches a root domain.
- For example, a Wildcard cert for *.domain.com would secure example1.domain.com, example2.domain.com, etc.
- For more info see http://www.networksolutions.com/SSL-certificates/wildcard-certificate.jsp
- Another option is a Unified Communications Certificate (UCC), which covers multiple domains.
- A UC Certificate is also known as "Multi-Domain Certificate" or "SAN Certificate".
Please consult your SSL vendor to determine what options are available to you.
Note that you can use the same certificate for different applications/environments. This means that if you already own a single certificate that protects all your domains (including non-production), you can upload that certificate to each environment on each application via the Acquia Cloud UI.
Be aware, wild card domains will only cover a single sub-domain as seen in the example below,
- This will work *.domain.com (www.domain.com)
- This will not work *.*.domain.com (www.qa.domain.com)
Workarounds
If you want to avoid getting a Wildcard or UCC Certificate, there are some workarounds you can try:
- For testing purposes, since Acquia Cloud lets you have a different certificate per environment, you could opt to test an existing certificate there (and then replace the original afterwards).
- It may be necessary to talk to your DNS provider to point DNS to a different IP.
- If you were to route traffic through a CDN (such as Acquia Cloud Edge) then that CDN offering may let you have individual/different SSL certificate per each domain.
- You could also use an additional application within your Acquia subscription, which can have a different SSL certificate than your original application.
- If you have two SSL certificates that need to be used on one Prod environment, you could install one cert as a "Legacy/ELB" cert and the other as a non-Legacy/Standard SSL cert. For more information about using SSL on our platform, please see: https://docs.acquia.com/cloud-platform/manage/ssl/
Acquia Cloud Enterprise and Site Factory Customers
Acquia Cloud Enterprise and Site Factory supports the use of multiple active certificates on each environment. See our installation instructions.