
SSL now available for Tumblr blogs with custom domains - sprybear
https://security.tumblr.com/post/166219476810/support-support-ssl-security-which-has-been
======
sideproject
How would one achieve this using LetsEncrypt?

I have a platform where my customers can use their own domain. But I am not
sure of an easy (automated) way of doing this using LetsEncrypt.

There was a post awhile back that explained how Etsy does it
([https://codeascraft.com/2017/01/31/how-etsy-manages-https-
an...](https://codeascraft.com/2017/01/31/how-etsy-manages-https-and-ssl-
certificates-for-custom-domains-on-pattern/))

But it was wwaayy too much for a small startup like me.

I can think of a manual way of course.

~~~
j_s
I think caddy supports automagically combining multiple domains on LetsEncrypt
certificate requests. It is possible to set it up as a proxy just to get
certificates but be aware of rate limit issues, especially if a domain expires
or otherwise becomes invalid.

[https://caddyserver.com/](https://caddyserver.com/)

I was trying to use it temporarily as the simplest way to get a multi-domain
LetsEncrypt cert on Windows, but ran out of time attempting to convert the
resulting certificate format into something I could take back to IIS.

Those securing custom subdomains are looking forward to January 2018 when
wildcard certificates arrive. [https://letsencrypt.org/2017/07/06/wildcard-
certificates-com...](https://letsencrypt.org/2017/07/06/wildcard-certificates-
coming-jan-2018.html)

~~~
ngrilly
By design, Caddy doesn't support SAN certificates:

[https://github.com/mholt/caddy/issues/831](https://github.com/mholt/caddy/issues/831)

~~~
j_s
Thanks for clearing up my confusion. From the discussion there it looks like
this project might meet OP's needs:

[https://github.com/containous/traefik](https://github.com/containous/traefik)

~~~
ngrilly
Yes, it looks like Traefik handles SAN certificates from LE.

------
davidpelayo
How are they managing the content not specifically served over https? Do the
scrap and download it, rewrite urls at their storage and re-serve back over
https?

~~~
rsynnott
Does Tumblr actually allow the embedding of arbitrary images? I've never
knowingly seen a Tumblr blog embed external ones; they always seem to be
Tumblr-hosted.

~~~
ameliaquining
Yes, Tumblr themes can contain arbitrary HTML. Letting Tumblr host theme
assets is generally the easiest way to make them available though.

------
Kelab
tumblr no longer allow custom domain i just check

~~~
detaro
What did you check? They still document it, I can't find an announcement
otherwise and on my account I still have the option to enable it.

