×

Clearalias

The easiest way to provide secure custom domains for your web platform

Clearalias

The easiest way to provide secure custom domains for your web platform

Clearalias seamlessly serves and manages HTTPS Certificates for your customers. Perfect for SaaS, IaaS, or platform providers that host customer content on a variety of domains.

Whether you're a blog provider, a marketplace provider, a SaaS backend, or other digital platform vendor, you may want to expose your customers' published content via a Custom Domain of their choice. Traditionally, this meant dealing rolling your own infrastructure to serve and manage certificates as well as proxy traffic to your platform backend. Clearalias makes this dead simple with no configuration needed on your backend and very little DNS configuration for your customers.

Avatar?ixlib=rails 2.1
I'm actually going through this problem right now with some of the products I'm working on. I'm trying to use Let's Encrypt, but there's a limit to how many domain can fit one SAN certificate and my PaaS (Heroku) only allows one certificate per app.

How do you circumvent this?

And is there a way to have my customers point their CNAME to one of my own domains? Having them point to Clearalias is not a commitment I'd make at this point. (Talk about vendor lock-in!)
Avatar?ixlib=rails 2.1
@marckohlbrugge This was an issue we encountered developing CloudWaitress as our customers can use their own custom domain and it needed to be only HTTPS for online payments.

I was looking for a service like this at the time but didnt find anything. Essentially one way to make this happen is by setting up your own VPS and installing Nginx. You can use Lets encrypt to generate the certs for your domains. Nginx will then serve the cert you choose based on the origin of the request. It was honestly quite complicated so a service like this would be really appreciated.

Also I think you can just CNAME your domain to Clearalias and then get your customers to CNAME to yours and it will just resolve with the origin from the initial request.
Avatar?ixlib=rails 2.1
@CloudWaitress Yeah I'd like to avoid having to set up my own VPS just for SSL. Let's hope Heroku will support multiple certificates per app in the future.

Good point about CNAME'ing the CNAME. I've done something similar before which worked fine.
Avatar?ixlib=rails 2.1
@marckohlbrugge Hey Marc, sorry we didn't see this comment until now. But in case you're still wondering -- yes the issue of  dynamically managing certificates is pretty hairy and there are some stacks where solving it is slightly easier than others, but regardless it often comes at a real cost for the platform that wants to provide customers with HTTPS. That's why we built Clearalias. It simply should be a problem that can be abstracted away. Because of the current patent process, it's best not to publicly discuss "how" we do something. Thanks!

Sign in with Twitter to join the discussion