SSL configured incorrectly for nested subdomains

I am setting up branch deploys for our site (sdk.operatorframework.io) which are nested subdomains, ie, v0-18.sdk.operatorframework.io. The SSL domains are *.operatorframework.io, operatorframework.io, which apparently does not cover nested subdomains. Example: https://branch-test.sdk.operatorframework.io/. We plan to have branch deploys for each release, so ideally we could configure a wildcard for the sdk subdomain.

Is this something that we can adjust ourselves?

Hi, @asmacdo, this is supposed to be automatic with Netlify DNS so I’m researching why this isn’t working.

We’ll update this topic again as soon as we have more information.

This seems like a bug to me. While I believe I have gotten the currently displayed branches from our UI in place for you in the certificate so I think that the branches you have listed now should work, and I hope that other branches will too. I’d also like to get a bug filed to prevent future malfunction. Could you help me out with two things?

  1. Could you confirm that existing branches shown in the UI here work for you as expected? https://app.netlify.com/sites/operator-sdk/settings/domain#branch-subdomains
  2. Could you try adding another and let me know if the UI shows it, and if the browser can get to it? Shouldn’t need any SSL renewal to work with other branches now.
1 Like

Existing branches work well, and so do new ones: https://new-branch-test.sdk.operatorframework.io/

Note to future people: these test branches are only temporary.

Thank you!

Great to hear and thanks for your help!

If you set up branch subdomains on a second site before you hear back from us in this thread about a fix, you’ll still need to request this fixup. I’m not sure how soon we’ll get the bug fixed since this is not a frequent use case across our customer base (but there are 3 such requests open right now including yours, so perhaps times are changing :))