Ability to get SSL certificates to create HTTPS subdomains on other servers

In advance sorry for my possible poor understanding of this issue and mistakes I could write, I'm not quite mastering all technical aspects of SSL and HTTPS.

Say you develop and https Webflow hosted site. And you need to embed a service in it (a booking service from a 3rd party booking company for example), and this service is using cookies. Your custom domain is https://customdomain.com. The 3rd party service asks you SSL certificate to create a https://booking.customdomain.com that you will embed in an iFrame on the Webflow site.

But you can't because Webflow can't at the moment deliver SSL certificates for such usage.

So you decide that the booking server (which of course needs to be https, unless it breaks the https of the Webflow site) will be https://bookig-customdomain.3rdpartyservice.com.

But this solution bugs, especially on Safari and Safari mobile, because cookies can't travel well from one domain to another. The result is cookies alerts and the booking system not working.

I found this that possibly explains that: https://stackoverflow.com/questions/408582/setting-cross-domain-cookies-in-safari

So in this case, I can't use iFrame embedding at all, I have to route the booking traffic to the booking site solely, and that's not ideally clean because the URL changes, the navigation gets more complex, analytics isn't so easy etc...

Thanks for listening, feel free to reword or split this request.

  • Vincent Bidaux
  • Jul 4 2017