Component description

This root360-component provides a dynamic solution for routing domains into your AWS environment while fully automating the creation of SSL certificates via "Let's Encrypt". A typical use case would be a SaaS solution where users would be able to independently create websites with their own domain (e.g. kunde.de) and one SSL certificate each. The component is based on Caddy 2 (https://caddyserver.com/), Load Balancer (NLB), Auto Scaling Group and a Shared Folder (EFS).

Common use cases

A typical use case for the SSL-/Domain-Proxy is a SaaS-Application (e.g. a website-builder) for a large amount of users where every user should be able to use its own domain (e.g. user1.de or user2.com). Each domain needs a working SSL-certificate and must route to the SaaS-Application. The entire process on the application side should run automatically.

Example configuration

The first request the user connects to the Network Load Balancer which requests the SSL-/Domain-Proxy (Caddy 2). With the request a Let’s Encrypt certificate is generated and stored in the EFS (Certificate Store). Further requests will than just utilize the stored certificate and connect to the internal Application Load Balancer which than fetches the content from the attached App-Server. So all requests following the initial request are secured by SSL.

Requesting SSL-/Domain-Proxy

If you want to request the SSL-/Domain-Proxy, you can do so by sending an E-Mail to service@root360.de or creating a ticket in the ticket system.

Pricing

For root360 Managed Services pricing please contact our Service Team.

Related tutorials