Change default domains

We need some help with the issue of domains in the deployment of OpenBalena that we are stuck on.

We are following the instructions for implementing OpenBalena, using this link as a reference: openBalena Getting Started Guide | Open Balena

We are currently stuck at the point where it says:

“openBalena server also supports custom/manual TLS configuration. You must supply your own SSL certificate, private key and a full certificate signing chain. A wildcard SSL certificate covering the whole domain is recommended.”

It indicates that we should use a wildcard SSL certificate that covers the entire domain. However, for us to comply with this, we need the automatically generated subdomains from OpenBalena to change the first dot to a hyphen, meaning that the domains should be like this: api-domain.test.com.co because OpenBalena is currently generating the subdomains as api.domain.test.com.co, and we cannot generate wildcard SSL certificates.

Similarly, if you have a different recommendation on how to carry out this implementation, we would appreciate your help in getting past this obstacle.

Hi,

I think this bit depends on how your DNS records configuration works.
Different providers offer different interfaces for this.
Can you explain why you feel you need the hyphen instead of the dot?

I think you are getting confused by the wording of “the wildcard DNS record that covers the entire domain”.
This does not need to be your top level domain.

For my own tests, I created a wildcard record for *.balena.domain.tld; this catches all the endpoints that are required for OpenBalena (like api.balena.domain.tld).
This way, I can easily point all of my OpenBalena stuff to a different test server, simply by changing that one entry, which won’t affect anything else running on my domain.

For the SSL certificate, you can get one from LetsEncrypt using certbot for the same wildcard subdomain *.balena.domain.tld, or one that only covers the OpenBalena specific endpoints.