6

I'm trying to increase security for my cloud-based / multi-tenant environment. I'm considering having clients access an obscure URL such as GUID.myCloud.com. I will then respond to that GUID-based request with customer-specific data.

  1. Considering that the certificate itself has a Subject name of *.myCloud.com, does that mean that the TLS protocol itself won't expose my private hostname?

  2. Is there any reason to believe that Subject Alternative Names would behave any differently?

makerofthings7

1 Answer

5

You'll still see server names in client hello SNI extensions.

Steve Dispensa