SSL certificates allow HTTPS to be enabled for a custom domain used in a CNAME. Our new SSL certificates feature allows you to upload your own SSL certificate so that you can still brand your links with your company's domain name instead of the ClickDimensions domain while still allowing for a secure connection via HTTPS. This is currently available for use with Web Content CNAMEs and multiple SSL certificates can be uploaded if you make use of multiple CNAMEs on different domains.
Uploading a new SSL certificate
Navigate to Settings and Support > ClickDimensions Settings > SSL Certificates in CRM.
This will open the SSL Certificates area where you can upload your certificates:
Clicking the Upload File option will allow you to select an SSL certificate to upload.
SSL Certificate Setup and Requirements
First, you will need to set up a CNAME within your domain provider's settings. For all regions, this CNAME needs to point to: cd-analytics.azurefd.net
Once this is done, you will need to generate the SSL certificate and upload this certificate using the SSL Certificates option on the ClickDimensions Settings page as shown above. Wildcard certificates are supported, but the domain must NOT contain with a wildcard character (ex. *.clickdimensions.com cannot be used as the domain). The certificate's validity period must be greater than 30 days, and the currently supported file types for your SSL certificate are:
- .pem (can only have one certificate and private key included)
You can then enter your certificate's password (if it has one set) and enter the CNAME used in your SSL certificate to complete the upload process. Once you have filled in these fields, you will then have the option to 'Confirm and Add' your certificate.
After the SSL certificate has been uploaded, you will then need to create a new Domain record for your CNAME in CRM for this process to complete properly. Please note that this step must be done after uploading the certificate as this will allow the certificate to process on our end. You should then be able to use HTTPS with Web Content using this CNAME 1 hour after this process completes.
Updating SSL certificates
Once you have at least one uploaded certificate, the SSL Certificates screen will also update:
You will then be able to add a Notification Email that will be alerted 30 days before your certificates are about to expire. You will also have the options to Remove this certificate or use the Replace File option to change the certificate itself. If you have additional certificates that you would like to use, then you can use the Add Another SSL Certificate option to create another entry.
Removing SSL Certificates
If you would like to remove a certificate, then you will first need to go into your domain provider's settings and remove the CNAME from there. Once that CNAME entry is removed, you can then navigate back into Settings and Support > ClickDimensions Settings > SSL Certificates and click the Remove button on the corresponding SSL certificate.
Please note that if you have uploaded the same SSL certificate into multiple environments, then removing the SSL certificate from one environment will remove the certificate from ALL environments. Due to this, you may want to consider using a different set of certificates for the environments were applicable and check each of your environments after removing a certificate to ensure that all of the appropriate certificates are still present.
Which Certificate Authorities do we allow?
- AddTrust External CA Root
- AlphaSSL Root CA
- AME Infra CA 01
- AME Infra CA 02
- Atos TrustedRoot 2011
- Autopilot Root CA
- Baltimore CyberTrust Root
- Class 3 Public Primary Certification Authority
- COMODO RSA Certification Authority
- COMODO RSA Domain Validation Secure Server CA
- D-TRUST Root Class 3 CA 2 2009
- DigiCert Cloud Services CA-1
- DigiCert Global Root CA
- DigiCert Global Root G2
- DigiCert High Assurance CA-3
- DigiCert High Assurance EV Root CA
- DigiCert SHA2 Extended Validation Server CA
- DigiCert SHA2 High Assurance Server CA
- DigiCert SHA2 Secure Server CA
- DST Root CA X3
- D-trust Root Class 3 CA 2 2009
- Encryption Everywhere DV TLS CA
- Entrust Root Certification Authority
- Entrust Root Certification Authority - G2
- Entrust.net Certification Authority (2048)
- GeoTrust Global CA
- GeoTrust Primary Certification Authority
- GeoTrust Primary Certification Authority - G2
- Geotrust RSA CA 2018
- GlobalSign Extended Validation CA - SHA256 - G2
- GlobalSign Organization Validation CA - G2
- GlobalSign Root CA
- Go Daddy Root Certificate Authority - G2
- Go Daddy Secure Certificate Authority - G2
- Let's Encrypt Authority X3
- Microsec e-Szigno Root CA 2009
- QuoVadis Root CA2 G3
- RapidSSL RSA CA 2018
- Security Communication RootCA1
- Security Communication RootCA2
- Security Communication RootCA3
- Symantec Class 3 EV SSL CA - G3
- Symantec Class 3 Secure Server CA - G4
- Symantec Enterprise Mobile Root for Microsoft
- Thawte Primary Root CA
- Thawte Primary Root CA - G2
- Thawte Primary Root CA - G3
- Thawte RSA CA 2018
- Thawte Timestamping CA
- TrustAsia TLS RSA CA
- VeriSign Class 3 Extended Validation SSL CA
- VeriSign Class 3 Extended Validation SSL SGC CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- VeriSign International Server CA - Class 3
- VeriSign Time Stamping Service Root
- VeriSign Universal Root Certification Authority
If I already have an existing Domain record in CRM with a Web Content alias, do I still need to create a new Domain record?
No, you do not need to create a new Domain record. Instead, you can simply purchase a certificate for that existing alias, point that CNAME alias to the cd-analytics.azurefd.net URL in your domain provider's settings, and then upload your certificate using the SSL Certificate option on the ClickDimensions Settings page.
|Feature Added: 11.3.0|
|Feature Updated: 11.3.0|
|ClickDimensions Version Needed: 11.3.0|