IIS 7 and Above
Configuration & Scripting
Installing SSL for Custom Domains in IIS using LetsEncrypt
Re: Installing SSL for Custom Domains in IIS using LetsEncrypt
Sep 21, 2019 01:15 AM|lextm|LINK
DNS can only forward the packets to your IIS server, with the host header of app.customerdomain.com.
So if your IIS server must handle those packets, it must have a valid site binding with either app.customerdomain.com as host name or empty host name to catch all. More info can be found in
If your server only has a binding for custom.domain.com, then all packets will be dropped.
Can you modify your server with a valid binding? If not, ask your clients to set up their reverse proxy (not merely DNS) to forward packets, as reverse proxies are capable of not only passing on packets, but also modify their host headers.