top | item 45747070

(no title)

speleding | 4 months ago

I don't like this change. There are a lot of SaaS business that allow you to create a CNAME along the lines of "saas_app_name.yourbusiness.com". For example Fastmail and Zoho do that, our business offers that feature as well. When you arrive at our site we do a redirect to a proper https URL.

But a browser will not accept a redirect from a domain with an incorrect certificate (and rightly so), so this will start failing if https becomes the default, unless we generate certificates for all those customers, many thousands in our case. And then we need to get those certificates to the AWS load balancer where we terminate https (not even sure if it can handle that many). I think we may need to retire that feature.

discuss

ItsHarper|4 months ago

I don't know your business, but I would never consider using such a feature that didn't support HTTPS all the way through as a business customer. It's not like this can't be done at scale (all custom domains served by Netlify use Let's Encrypt certs, for example).

7bit|4 months ago

Sounds like a big excuse.