We are soon to launch our own website builder that will help businesses create and host websites on our server. These businesses will point their domains to us via cname entry in their DNS. We plan to have a wildcard subdomain and run each business website on their own sub domain.
For example
Business 1 - Domain biz1 . com - DNS on Godaddy
Website will run on biz1 . example . com
www . biz1 . com -> cname to biz1. example . com
Business 2 - Domain biz2 . com - DNS on Google
Website will run on biz2 . example . com
www . biz2 . com -> cname to biz2 . example . com
Our cloud flare account will only have the DNS for our domain example . com
SSL Certificate - We will use letsencrypt to issue an SSL certificate for each business domain.
Questions
Would cloudflare allow us use multiple SSL certificates, one for each business domain ?
Do we even need multiple SSL certificates or can we just live with a single SSL certificate ?
End goal - DDOS protection for all websites we host.
Both of these scenarios are limited to enterprise deals via SSL for SaaS, which can only be acquired via contacting enterprise sales (pricing is also highly custom, so you won’t find a price estimate without explaining your use case):
If you don’t want to pay for SSL for SaaS, your only options for allowing CNAMEs are to cname biz1.com → biz1.example.com, but have the subdomain unproxied. If you do go unproxied, you can use a wildcard record.
As a side effect of being unproxied, you won’t get any of the benefits of CF - it’s just like a regular CNAME and won’t be DDOS protected.