I have one module where the user can add a domain CNAME type.
The application domain name is xyz.com. This domain uses load balancer wildcard subdomains. When the user registers, a subdomain a1.xyz.com is created. The subdomain is based on the username, so every user has a unique subdomain. The user may add other domains to point to a1.xyz.com.
For example, the user entered the a1.abc.com domain and set up the given CNAME details on the a1.abc.com records. Here, a user has a domain (a1.abc.com) in AWS Route 53.
I also have a domain (xyz.com) in AWS Route 53.
When a1.abc.com points to a1.xyz.com, it returns an error related to the SSL certificate.
Error message when verifying SSL:
Peer certificate CN xyz.com did not match expected CN a1.abc.com
What am I doing wrong?
The issue is related to SSL certificates assigned to your load balancer.
I guess your load balancer has assigned one of the certificates:
This means your load balancer is capable of encrypting traffic when the domain a1.abc.com or *.abc.com is used.
Now comes the important part: if you want other people to add a CNAME to your load balancer, then your load balancer has to be assigned another certificate (yes, load balancers can have multiple certificates assigned for different domains). So in your case, you need to create another certificate for a1.xyz.com and assign it to the load balancer.
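Added example (not part of the original question or answer): a small Python model of the check behind the error message in the question. It shows that the client validates the certificate against the hostname it requested (a1.abc.com), not the CNAME target, and how attaching a second certificate to the load balancer changes the result. The certificate name lists and ids are constructed assumptions.

```python
# Added example: models SNI certificate selection and client hostname checking.
# Certificate contents below are constructed; no network access is used.

def name_matches(pattern: str, host: str) -> bool:
    """Wildcard rule: '*' only as the whole left-most label, matching one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse '*.tld' style patterns; compare the remaining labels exactly.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def select_cert(certs, default, sni):
    """Load balancer side: first attached cert covering the SNI name, else default."""
    for cert in certs:
        if any(name_matches(n, sni) for n in cert["names"]):
            return cert
    return default

def client_check(certs, default, requested_host):
    """Client side: verify the presented cert against the host that was requested.
    A CNAME only changes DNS resolution; the expected name stays requested_host."""
    cert = select_cert(certs, default, requested_host)
    ok = any(name_matches(n, requested_host) for n in cert["names"])
    return ok, cert["id"]

# Constructed sample certificates (assumed SAN lists).
APP_CERT = {"id": "app-cert", "names": ["xyz.com", "*.xyz.com"]}
CUSTOMER_CERT = {"id": "customer-cert", "names": ["a1.abc.com"]}

if __name__ == "__main__":
    for attached in ([APP_CERT], [APP_CERT, CUSTOMER_CERT]):
        ids = [c["id"] for c in attached]
        for host in ("a1.xyz.com", "a1.abc.com"):
            ok, used = client_check(attached, APP_CERT, host)
            status = "match" if ok else "MISMATCH"
            print(f"attached={ids} host={host} presented={used} -> {status}")
```

With only the application certificate attached, a request for a1.abc.com receives the default certificate and fails verification; once a certificate covering a1.abc.com is attached, the same request verifies.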