Hello,
We are developing ABP.io commercial micro service + Angular architecture based multitenant application, and will be hosting on AKS. We were reffering your documentation - https://docs.abp.io/en/abp/latest/UI/Angular/Multi-Tenancy#tenant-specific-remote-endpoints. In the "Tenant Specific Remote Endpoints" section in this link, you are suggesting to have - baseUrl: "https://{0}.mydomain.com/" issuer: "https://{0}.ids.mydomain.com" url: "https://{0}.api.mydomain.com" url: "https://{0}.identity.mydomain.com"
According to above configuration for each tenant, either we need to have 4 different wildcard cartificate or one multidomain certificate (which is limited to specific number for domains - lets say up to 100 domains/certificate) whats your recommendation on this - shall we go with four different wildcard certificates (*.mydomain.com, *.ids.mydomain.com, *.api.mydomain.com & *.identity.mydomain.com) or go with single multidomain certificate ?
Apart from this, rather than going with multiple wildcard certificates or a multidomain certificate approach, we are also planning to go with an approach, wherein, we can use -{0}.mydomain.com, ids.mydomain.com, api.mydomain.com, & identity.mydomain.com by handling the configurations from the code, so that we can go with single wildcard certificate for unlimited sub-domains?
Whats your recommendation on this ?
Thanks
7 Answer(s)
-
0
@maliming
Can you please provide some pointers on this ?
-
0
if there'll be 100 tenants then using a wildcard certificate that supports all subdomains of your tenant1.website.com is good to go . but if your tenants are limited and known before then you can setup individual SSL certificates. for example we use this
-
0
Thanks for your response. My next question is, whether the Wildcard certificate for a {0}.mydomain.com will also work for the following :
oAuthConfig.issuer "https://{0}.ids.mydomain.com" apis.default.url url: "https://{0}.api.mydomain.com" apis.AbpIdentity.url url: "https://{0}.identity.mydomain.com"
OR Do we need to buy separate wildcard certificate for each of the above API Urls ?
In short to run the above application with respective configuration (https://docs.abp.io/en/abp/latest/UI/Angular/Multi-Tenancy#tenant-specific-remote-endpoints) , do we need four wildcard certificates ?
-
0
@maliming
Can you please provide some pointers on this ?
Awaiting your early response for this customer.
Thanks
-
0
hi
I can't provide professional advice on SSL.
We have examples of using domain to resolve tenants.
https://github.com/abpframework/abp-samples/tree/master/DomainTenantResolver#angular
-
0
@kirtik we are not experienced on SSL issues. this is more like devops issue rather than ABP. maybe you can ask to experienced DevOps guys
-
0
This question has been automatically marked as stale because it has not had recent activity.
