SSL certificates allow HTTPS to be enabled for a custom domain used in a CNAME. Our new SSL certificates feature allows you to upload your own SSL certificate so that you can still brand your links with your company's domain name instead of the ClickDimensions domain while still allowing for a secure connection via HTTPS. This is currently available for use with Web Content CNAMEs and multiple SSL certificates can be uploaded if you make use of multiple CNAMEs on different domains.
Uploading a new SSL certificate
Navigate to Settings and Support > ClickDimensions Settings > SSL Certificates in CRM.
This will open the SSL Certificates area where you can upload your certificates:
Clicking the Upload File option will allow you to select an SSL certificate to upload.
SSL Certificate Requirements
For all regions, the SSL certificate will need to be for a specific domain that points to: cd-analytics.azurefd.net
Wildcard certificates are supported, but the domain must NOT contain with a wildcard character (ex. *.clickdimensions.com cannot be used). The certificate's validity period must be greater than 30 days, and the currently supported file types for your SSL certificate are:
- .pfx
- .pem (can only have one certificate and private key included)
You can then enter your certificate's password if it has one set and enter the domain used in your SSL certificate. This domain will need to have a corresponding Domain record created in CRM for this process to complete properly. Once you have filled in these fields, you will then have the option to 'Confirm and Add' your certificate.
If the validation is successful, then the certificate will process on our end and you should be able to use HTTPS with this Web Content CNAME after 1 hour when the process should be complete.
Updating SSL certificates
Once you have at least one uploaded certificate, the SSL Certificates screen will also update:
You will then be able to add a Notification Email that will be alerted 30 days before your certificates are about to expire. You will also have the options to Remove this certificate or use the Replace File option to change the certificate itself. If you have additional certificates that you would like to use, then you can use the Add Another SSL Certificate option to create another entry.
Allowed Certificate Authorities
Which Certificate Authorities do we allow?
- AddTrust External CA Root
- AlphaSSL Root CA
- AME Infra CA 01
- AME Infra CA 02
- Ameroot
- APCA-DM3P
- Atos TrustedRoot 2011
- Autopilot Root CA
- Baltimore CyberTrust Root
- Class 3 Public Primary Certification Authority
- COMODO RSA Certification Authority
- COMODO RSA Domain Validation Secure Server CA
- D-TRUST Root Class 3 CA 2 2009
- DigiCert Cloud Services CA-1
- DigiCert Global Root CA
- DigiCert Global Root G2
- DigiCert High Assurance CA-3
- DigiCert High Assurance EV Root CA
- DigiCert SHA2 Extended Validation Server CA
- DigiCert SHA2 High Assurance Server CA
- DigiCert SHA2 Secure Server CA
- DST Root CA X3
- D-trust Root Class 3 CA 2 2009
- Encryption Everywhere DV TLS CA
- Entrust Root Certification Authority
- Entrust Root Certification Authority - G2
- Entrust.net Certification Authority (2048)
- GeoTrust Global CA
- GeoTrust Primary Certification Authority
- GeoTrust Primary Certification Authority - G2
- Geotrust RSA CA 2018
- GlobalSign
- GlobalSign Extended Validation CA - SHA256 - G2
- GlobalSign Organization Validation CA - G2
- GlobalSign Root CA
- Go Daddy Root Certificate Authority - G2
- Go Daddy Secure Certificate Authority - G2
- Let's Encrypt Authority X3
- Microsec e-Szigno Root CA 2009
- QuoVadis Root CA2 G3
- RapidSSL RSA CA 2018
- Security Communication RootCA1
- Security Communication RootCA2
- Security Communication RootCA3
- Symantec Class 3 EV SSL CA - G3
- Symantec Class 3 Secure Server CA - G4
- Symantec Enterprise Mobile Root for Microsoft
- Thawte Primary Root CA
- Thawte Primary Root CA - G2
- Thawte Primary Root CA - G3
- Thawte RSA CA 2018
- Thawte Timestamping CA
- TrustAsia TLS RSA CA
- VeriSign Class 3 Extended Validation SSL CA
- VeriSign Class 3 Extended Validation SSL SGC CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- VeriSign International Server CA - Class 3
- VeriSign Time Stamping Service Root
- VeriSign Universal Root Certification Authority
Feature Added: 11.3.0 |
Feature Updated: 11.3.0 |
ClickDimensions Version Needed: 11.3.0 |