fly cert generation - multiple apps - one domain


I have 2 apps, web and api, both of which will point to seperate subdomains on the same domain. To setup certs for both apps I need to validate the cert by setting the_acme-challenge. However it is not possible to add 2 cnames to _acme-challenge.

Is there a recommended way of having multiple apps point to the same domain?

I’m still struggling to work out how to set multiple _acme-challenge for a domain. Is it not possible on fly?

Here’s a workaround: Set the DNS for one challenge, then wait for fly to validate and retrieve your certificate. You no longer need the DNS CNAME once you have the cert, you can delete it, then repeat with your second DNS challenge.

I don’t know if fly supports wildcard certs on a domain, or if it can bundle multiple names in a single cert request. Both of those options would let you use one DNS challenge since they would be one certificate request.

Thanks, but this will break when the tickets need to be renewed a few months later.

hoswald, I just created a cert for two apps. The CNAME record on your domain for each app is unique, so there shouldn’t be a conflict.

For example, for app1, app2:

CNAME _acme-challenge.app1 to
CNAME _acme-challenge.app2 to

These CNAMES you do want to keep since it lets fly renew on your behalf a few months from now.

1 Like