CNAMEs and HTTPS certificates

Custom layouts are wonderful

You can make Spinitron public pages impersonate your station’s web site using the custom layout feature. Navigation from your site to pages with live Spinitron content (playlists, schedule, etc.) and back again is seamless. With custom styles in Spinitron the visual appearance can seamlessly integrate too. See our example web site.

Problem 1: Links to

Pages with live Spinitron content in a custom layout are served by Spinitron’s web server, not yours. Without more work, these page’s URLs therefore have as the server name. Visitors on your site may notice that certain links have a different server name and, when they visit these pages, the browser will display in its address field on pages that impersonate your web site very well. This could be surprising or even seem suspicious.

Solution 1: Use a CNAME

To address this issue, you might want to set up a CNAME in your station’s domain that points to For example, if your station’s web site were then you could set up a CNAME that points to

We would then provision a virtual server named in on our servers . The virtual server will accept and respond to requests for your public pages that have as the Host request header.

With the virtual server in place, you can use in links to tje Spinitron public pages with the custom layout. It’s unavoidable that the virtual server name is different from your web site’s server name but, using the CNAME, at least both can be in the same domain.

Problem 2: HTTPS

More and more web sites use HTTPS, i.e. secure HTTP. Spinitron switched to HTTPS years ago. Meanwhile, web browsers have been getting more touchy about using insecure HTTP. For example, if I navigate from a secure page to an insecure one, Firefox sometimes gives me a warning.

You can opt to use only plain (insecure) HTTP on the virtual server that we provision with your CNAME. But if you want it to support HTTPS then Spinitron’s servers need a way to authenticate the virtual server as belonging to your station’s domain.

Solution 2: Get a certificate for the CNAME and give it to Spinitron

For Spinitron’s web server to support HTTPS on the virtual server described in Solution 1 above, it needs a certificate for that CNAME. The domain owner needs to obtain the certificate and give it to Spinitron.

If necessary, it may be possible for Spinitron to obtain a certificate for your CNAME’s virtual server. We haven’t tested this yet.

Problem 3: Administration

Provisioning a virtual host for your CNAME and obtaining/deploying its HTTPS certificates puts Spinitron, for the first time, in the business of web hosting. The server configuration work will be manual for the time being.

Solution 3: Service charge for virtual host and certificate provisioning?

We need to discuss this with the early adopters.

It looks like we are now in a position to offer a virtual host using a station’s CNAME with an HTTPS certificate from Let’s Encrypt. Contact me if you want to try it.