This is the same problem we are facing here. We need to spin up a third-party service that only works with a specific set of certificates and does not accept non-https handshakes. We can't deploy it because, even if we configure it correctly, the ssl connection is handled before it gets to the service so it complains... In our case, allowing custom certificates is not enough as the third-party service needs to handle the certificate

We need the ability to install EV SSL certificates on Render to meet compliance requirements and customer expectations. EV SSL is crucial for industries like finance and healthcare, as it builds trust and demonstrates the legitimacy of the business.

Please prioritize adding support for custom EV SSL certs as it’s becoming a key requirement for many businesses. Thank you!

We also would like to see custom SSL certs. For many use cases, having SSL certs automatically provisioned is great. But for others (like ours), it's a big negative.

I also agree with Josh on EV. We are not currently using one, but have had to in the past.

Critically, you cannot use certificate pinning with Cloudflare/Let's Encrypt issued certs. While Cloudflare is recommending against using pinning, because you can shoot yourself in the foot (and probably because they prefer their own product), their solution does not protect a mobile app from Man-In-The-Middle attacks. Certificate pinning is currently the only way to prevent that. And the only way to do pinning is to be in control of your SSL cert.

Aside from our operational security, this becomes a pretty big ding in the pen test report that we have to share with our larger customers.

Slightly different use case here - we purchased an EV cert, which is preferred to DV among our customer base (healthcare), and would like to be able to use it.

Agreed, we have the same use case here