Creating custom domains for Bluemix Cloud Foundry applications
For Cloud Foundry apps and container groups, you can use a custom domain in the URL of your application instead of the default Bluemix system domain of mybluemix.net. Custom domains are defined at the organization level. To define a domain, register the domain with a name service provider, add a CNAME record to map host names for the domain to the Bluemix secure router, and then add the custom domain to the organization.
After it’s defined, you upload a signed wildcard (all hosts) domain certificate and associated private key through the web UI or Bluemix CLI.
These are the supported file formats for certificate files:
PEM (.pem, .crt, .cer, and .cert)
DER (.der or .cer)
PKCS #7 (.p7b, .p7r, .spc)
When using SSL with a custom domain, access to applications within the domain can be configured to be authenticated by client certificates. To configure this feature, the developer must upload a file that contains a set of client certificates, also known as the Client certificate trust store. The trust store must be in one of the supported file formats.
The use of self-signed certificates is supported for testing and development scenarios. When using self-signed certificates, upload signer certificates to client browsers to avoid browser security exceptions.