Nginx

Can apache/nginx choose from multiple certificates?

There is a service, let's call it service.com. The sites a.com, b.com, c.com, etc. use it through cross-domain requests (the user does not go directly to service.com), but javascript from a.com accesses service.com.

With modern tracking addons, cookies set by service.com are considered third-party and sometimes not accepted by default - this is a problem. Yes, the user can disable addons for this or set an exception, but it's still annoying.

There is a solution - a.com creates a service.a.com entry that points to service.com and accesses it. From the service side, it is now possible to obtain a LetsEncrypt certificate for service.a.com and serve requests. Now these are already first-party cookies, and they are installed.

Now to the technical problem itself: There is an option for 100 sites (a.com, b.com, ...) to make 100 virtual hosts, and each will use its own certificate, the virtual host for service.a.com will use service.a.com .crt for example. But it's not pretty.

Question: Is it possible to do something so that the web server itself selects the appropriate certificate? That is, a site without virthosts (one common config for service.a.com, service.b.com, ...), and it has something like SSLCertificateDir /path/ , it picks up 100 certificates from there, and when accessing gives the certificate corresponding to the host to the site.