I have looked at similar questions such as this and this, but the answers seem to focus on how to set up virtual hosting. I'm not an expert on it, but I'm more worried about what to do after I have that working. Here's my example:
Let's say I'm a SaaS provider of a service foo. I host at fooservice.com. For each user, they get their own subdomain bob.fooservice.com. I'm pretty sure I can get that part covered. There is lots of documentation on it. Let's also assume that Bob wants the service to appear as a subdomain of his site awesomebob.com. He wants it to be foo.awesomebob.com. I know that what Bob has to do is add a CNAME record from foo.awesomebob.com -> bob.fooservice.com. My question is what do I have to do to make sure that all works on my fooservice server.
- Do I have to do anything special to make sure that the address bar stays foo.awesomebob.com?
- How can I make sure that only the CNAME foo.awesomebob.com is able to do the domain mapping? On sites like Shopify and WordPress, they make you input the domain that is being used for the mapping through an admin panel. What is going on behind the scenes here?
- From what I've researched, this would be impossible to do with a single IP address and still have SSL support. Is that correct?
If you're using dedicated IPs, then the user could add whatever CNAMEs they wanted and they would work. You could add filtering to your web server to block this behavior.
If you only allow SSL for subdomains of your primary domain (bob.fooexample.com would be ok, bob.awesomebob.com not ok) then you can use a wildcard cert for the domain *.fooexample.com. This doesn't cost too much and you wouldn't need to update it when you add a new subdomain. In either case, the cert can't be an EV cert (no green address bar).
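
The filtering mentioned in the answer above, as an added example that is not part of the original post: the browser sends the custom name in the `Host` header, so the server only serves a tenant when that name is either a known subdomain of the provider domain or a custom domain the tenant registered in the admin panel. The `TENANTS` and `CUSTOM_DOMAINS` tables and the function names are assumptions with constructed sample data.

```python
import re

BASE_DOMAIN = "fooservice.com"  # provider domain from the question

# Constructed sample data; in a real service these are database tables.
TENANTS = {"bob"}
CUSTOM_DOMAINS = {"foo.awesomebob.com": "bob"}  # registered via admin panel

_LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def normalize_host(host_header):
    """Lowercase the Host value, drop port and trailing dot, validate labels."""
    host = host_header.strip().lower()
    if host.startswith("["):  # IPv6 literal, never a tenant name
        return None
    if ":" in host:
        host = host.rsplit(":", 1)[0]
    host = host.rstrip(".")
    labels = host.split(".")
    if len(host) > 253 or not all(_LABEL.fullmatch(l) for l in labels):
        return None
    return host


def resolve_tenant(host_header, custom_domains=CUSTOM_DOMAINS, tenants=TENANTS):
    """Return the tenant for a request, or None if the Host is not allowed."""
    host = normalize_host(host_header or "")
    if host is None:
        return None
    # 1. Custom domain explicitly registered by a tenant.
    if host in custom_domains:
        return custom_domains[host]
    # 2. Exactly one label under the provider domain, e.g. bob.fooservice.com.
    suffix = "." + BASE_DOMAIN
    if host.endswith(suffix):
        label = host[: -len(suffix)]
        if "." not in label and label in tenants:
            return label
    # 3. Anything else, such as an unregistered CNAME pointed at this
    #    server, is refused; the caller should answer with an error page.
    return None
```

Because the content is served directly for the requested `Host` rather than through a redirect, the address bar keeps showing foo.awesomebob.com.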